Zero Trust Adoption: Managing Risk with Cybersecurity Engineering and Adaptive Risk Assessment

Abstract

Zero trust adoption challenges many organizations. It isn't a specific technology to adopt, but a security initiative that an enterprise must understand, interpret, and implement. Enterprise security initiatives are never simple, and their goal to improve cybersecurity posture requires the alignment of multiple stakeholders, systems, acquisitions, and exponentially changing technology. This alignment is always a complex undertaking and requires cybersecurity strategy and engineering to succeed. In this and a series of future posts, we provide an overview of zero trust and management of its risk with SEI's cybersecurity engineering assessment framework. This adaptive framework incorporates multiple assessment methods that address lifecycle challenges that organizations face on a zero trust journey.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Feb 01, 2021
Accession Number
AD1126932

Entities

People

  • Geoffrey Sanders

Organizations

  • Carnegie Mellon University

Tags

DTIC Thesaurus Topics

  • Acquisition
  • Business Administration
  • Copyrights
  • Cybersecurity
  • Denial Of Service Attack
  • Department Of Defense
  • Engineering
  • Governments
  • Guarantees
  • Insider Threats
  • Materials
  • Risk
  • Risk Analysis
  • Risk Management
  • Security
  • Software Development
  • Standards
  • Supply Chain
  • Threats
  • Universities

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Defense Acquisition Program Management
  • Systems Analysis and Design

Technology Areas

  • Cyber