Insights

Security Standards

Zero Trust Architecture, NIST SP 800-207, CISA Maturity Model, ISO 27001 — technical standards and their practical implementation.

01

NIST SP 800-207: Zero Trust Architecture

NIST SP 800-207 defines Zero Trust Architecture (ZTA) as a set of cybersecurity design principles in which defences shift from static, network-based perimeters to a focus on users, assets and resources. ZTA assumes that no implicit trust is granted to assets or user accounts based on their physical or network location.

02

CISA Zero Trust Maturity Model Version 2.0

CISA developed the Zero Trust Maturity Model to help organisations assess and advance their zero trust implementations. The model covers five pillars: identity, devices, networks, applications and data, with privileged access management (PAM) as a central element in the identity pillar.