NIST Special Publication 800-207 defines zero trust as a set of cybersecurity principles used when planning and implementing an enterprise architecture. These principles apply to endpoints, services, and data flows. Input and cooperation from various stakeholders in an enterprise is needed for a zero trust architecture to succeed in improving the enterprise security posture. Some of these stakeholders may not be familiar with risk analysis and management. This document provides an overview of the NIST Risk Management Framework (NIST RMF) and how the NIST RMF can be applied when developing and implementing a zero trust architecture.
NIST Special Publication 800-207 defines zero trust as a set of cybersecurity principles used when planning and implementing an enterprise architecture. These principles apply to endpoints, services, and data flows. Input and cooperation from various stakeholders in an enterprise is needed for a...
See full abstract
NIST Special Publication 800-207 defines zero trust as a set of cybersecurity principles used when planning and implementing an enterprise architecture. These principles apply to endpoints, services, and data flows. Input and cooperation from various stakeholders in an enterprise is needed for a zero trust architecture to succeed in improving the enterprise security posture. Some of these stakeholders may not be familiar with risk analysis and management. This document provides an overview of the NIST Risk Management Framework (NIST RMF) and how the NIST RMF can be applied when developing and implementing a zero trust architecture.
Hide full abstract
Keywords
architecture; cybersecurity; enterprise; network security; risk management; Risk Management Framework; zero trust