CISA Updates its Zero Trust Maturity Model
April 19, 2023
Washington, DC. The Cybersecurity and Infrastructure Security Agency (CISA) ratified its Zero Trust Maturity Model version 2. CISA received and evaluated public inquiries to expand the federal government’s continuation of a zero trust approach supporting the National Cybersecurity Strategy.
The Zero Trust Maturity Model was developed for federal use, but CISA recommends all industry players to move toward a zero trust model. “CISA has been acutely focused on guiding agencies, who are at various points in their journey, as they implement zero trust architecture,” said Chris Butera, Technical Director for Cybersecurity, CISA. The update delivers a new maturity stage, “Initial”, that is a useful guide for identifying the maturity within each pillar (Identity, Devices, Network, Data, Applications and Workloads).
Various functions and updated features were also added to the four stages (Traditional, Initial, Advanced, and Optimal” to better aid engineers in zero trust integration. Implementation is accelerated with a maturity model update that provides a gradual increase to integration giving implementers time to build an optimized zero trust environment.
“As one of many roadmaps, the updated model will lead agencies through a methodical process and transition towards greater zero trust maturity. While applicable to federal civilian agencies, all organizations will find this model beneficial to review and use to implement their own architecture,” continued Butera
Response to Comments for Zero Trust Maturity Model
For more information, visit Zero Trust Maturity Model.