Zero Trust Architecture: Best Practices Observed in Industry
Software Engineering Institute
Zero trust architecture has the potential to improve an enterprise’s security posture. There is still considerable uncertainty about the transformation process, however, as well as how zero trust architecture will ultimately appear in practice. Recent executive orders have accelerated the timeline for zero trust adoption in the federal sector, and many private-sector organizations are following suit. Researchers in the CERT Division at the Carnegie Mellon University Software Engineering Institute (SEI) hosted Zero Trust Industry Days to enable industry stakeholders to share information about implementing zero trust. In this SEI podcast, CERT researchers Matthew Nicolai and Nathaniel Richmond discuss five best practices identified during the two-day event, explain their significance, and provide commentary and analysis on ways to empower your organization’s zero trust transformation.
About the Speaker
Matthew Nicolai is a graduate research assistant in the SEI’s CERT Division where he works on situational awareness projects with an emphasis on zero trust architecture. He is a master of science candidate in information security policy and management at Heinz College of Information Systems and Public Policy at Carnegie …Read more