Zero Trust Journey
Zero Trust Journey isn’t about taking sides—it’s about real conversations, sharing research, and learning together. Our goal is to explore Zero Trust from every angle and help cybersecurity practitioners make sense of it in a practical, no-fluff way. And yes, we do love to chat about coffee and listen to the occasional dad joke along the way.
Here’s what we do:
- Conversations with Experts: We chat with subject matter experts who share their opinions, experiences, and Zero Trust journeys.
- Research and Product Insights: We explore Zero Trust products and solutions in the market that may fit into a Zero Trust architecture.
- A Zero Trust Architecture: We’re building and refining an ever-growing architecture focused solely on the needs of cybersecurity practitioners.
- CSA CCZT Study Group: We host a study group for the Cloud Security Alliance (CSA) Certificate of Competence in Zero Trust (CCZT).
If you’re a cybersecurity professional looking for honest discussions, practical insights, and tools that evolve with your Zero Trust strategy (plus the occasional coffee tip), Zero Trust Journey is for you. Join us!
Zero Trust Journey
Episode 14: ZTMM+ in Action: Practical Steps for Your Zero Trust Journey
Highlights:
- Practical Zero Trust Implementation: Jason emphasizes the importance of adopting a realistic, incremental approach to Zero Trust, urging organizations to leverage existing capabilities before investing in new technologies.
- Introducing ZTMM+: Discover Jason’s enhancement of the CISA Zero Trust Maturity Model, designed to provide clearer definitions, practical guidance, and address critical gaps like secure internet access and data loss prevention.
- Simplifying Complexity: Learn how the ZTMM+ framework translates complex Zero Trust maturity assessments into straightforward, actionable questions, promoting collaboration across IT, security, and business teams.
- Avoiding Vendor Hype: Jason debunks vendor-driven myths and clarifies that no product is inherently "Zero Trust Certified," reinforcing the importance of strategic integration over reliance on vendor solutions.
- Secure Internet and DLP Strategies: Get insights into why comprehensive secure internet access controls and robust data loss prevention (DLP) strategies are essential yet often overlooked in standard maturity models.
Key Takeaways:
- Start with Practical Steps: Begin your Zero Trust journey by tightening policies around critical business assets, leveraging current technologies, and incrementally building your capabilities.
- ZTMM+ as an Actionable Tool: Use the enhanced maturity model (ZTMM+) to objectively measure your organization's true Zero Trust maturity and identify realistic improvement areas without overwhelming complexity.
- Vendor Realities: Recognize that true Zero Trust maturity involves strategic orchestration across existing processes and tools rather than dependency on a single vendor’s solution.
- Business-Focused Security: Zero Trust initiatives succeed when security leaders deeply align security improvements with clear, direct business benefits—supporting innovation, compliance, and strategic business expansions.
- Collaboration is Essential: Cross-functional collaboration between security teams, IT, and business stakeholders is critical for identifying real-world security gaps and practical, impactful solutions.
Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges.
Disclaimer: The views expressed are those of the speakers.
