Darren Death, vice president of information security and chief information security officer at ASRC Federal, told Government Matters in a video interview posted Tuesday that one of the advantages of zero trust architecture is the focus on data.
“When you are focusing on data in an organization, you are focusing on what matters. … So when you are looking at intellectual property, you are focusing on high-value assets of the organization, those are things that really matter and things you can apply as your trust strategy in architecture against,” he said.
Death also shared his insights on an American Council for Technology-Industry Advisory Council report on trends in zero trust cybersecurity.
“One of the things that was very happy for us was that we saw that the report was referenced in [National Institute of Standards and Technology’s] work 800207. We can see that we got some usefulness out of that report. Really what that report was set up to do was be a 10,000 foot view of, ‘This is what the zero trust area looks like; what the space looks like,’” he said. “We are in the process of planning through a phase two of that project, where we’ll dive deeper and actually work at what the industry looks like, what the vendors are looking like.”
Death also talked about plans of having vendors determine their approach to zero trust and map across NIST’s 80053 controls.