Zero Trust Webinar - Transforming Cybersecurity - 20230119 - final

Zero Trust (ZT) potentially transforms DoD Cybersecurity.  ZT is a cybersecurity strategy wherein security policy is applied based on context established through least-privileged access controls and strict user authentication—not assumed trust.  Programs implementing ZT need awareness of three logical components (described in National Institute of Standards and Technology (NIST) SP 800-207):  the Policy Engine (PE), Policy Administrator (PA), and Policy Enforcement Points (PEP). The PE fuses information sources like: network and endpoint configurations; data tagging; user analytics; access control; and policy orchestration.  The PE makes risk-based access decisions based on device, asset status, and environmental factors.  It determines when access becomes an unacceptable risk. NIST SP 800-207 "Zero Trust Architecture" describes the PE as "the brain and the PE's trust algorithm as its primary thought process."