[CDP-development] CISA Publishes Applying Zero Trust Principles to Enterprise Mobility

Masse, Theresa theresa.masse at cisa.dhs.gov
Mon Mar 7 14:34:59 PST 2022 

FYSA



As the nation's cyber defense agency, CISA has published Applying Zero Trust Principles to Enterprise Mobility<https://www.cisa.gov/zero-trust-maturity-model>, a new resource intended to guide federal civilian agencies and other organizations with incorporating zero trust (ZT) goals as they develop and implement their enterprise mobility cybersecurity.



This new publication highlights the need for special consideration for mobile devices and associated enterprise security management capabilities due to their technological evolution and ubiquitous use. The paper further presents architectural frameworks, principles, and capabilities to attain a ZT level set by the adopting organization. It then maps mobile security approaches into ZT principles that an organization can use to align its current mobile security capabilities with a ZT approach.



In addition to the zero trust mapping tables, this new resource provides proposed next steps such as:

  *   Organizations should develop a strategy and their own ZT roadmap consistent with their mission and business needs and in response to OMB's ZT strategy and timeline.
  *   Organizations should conduct risk assessments against organization-specific ZT goals to develop formalized approaches for technical changes as well as personnel policies and processes for the mitigation of residual risks.
  *   Organizational policies should specify granularity of continuous authentication and standards for mobile device health assessments.



We are also requesting public comment<https://www.cisa.gov/zero-trust-maturity-model> to ensure our guidance enables the best visibility, flexibility, and security. The deadline for providing comment on the CISA zero trust mobility paper is April 20, 2022 and they should be submitted to: CyberLiaison at CISA.dhs.gov<mailto:CyberLiaison at CISA.dhs.gov>.



Theresa A. Masse
Cyber Security Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov<mailto:theresa.masse at cisa.dhs.gov>

[cid:image001.png at 01D831F9.91402EF0]


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220307/81091c42/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 16152 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20220307/81091c42/attachment-0001.png>

More information about the CDP-development mailing list