What are the five pillars of CISA’s Zero Trust Maturity Model (ZTMM)?
Identity. This pillar describes characteristics of each user or agency. Among the elements that describe each entity are authentication, risk assessments and tools to identify each entity, whether they are manual or automated.
Device. Any device connecting to a user network is characterized by this pillar. It addresses asset tracking and management, access to the device and how the device complies with security rules and protocols.
Network/environment. This addresses the network environment, whether hardware-based, wireless or linking to networks, such as the internet. It also examines the presence of encryption, threat identification and mitigation resources, and how the network is physically and logically configured.
Application workload. This pillar examines the systems and applications being executed on site as well as remotely, such as in cloud environments. The process analyzes how applications are accessed, security measures that protect applications and the presence of threat identification and mitigation measures.
Data. All aspects of securing production data, data storage, data management and data protection are examined in this pillar. Among the issues addressed are data access, data encryption and data inventory management.