Advancing Zero Trust Maturity Throughout the User Pillar
Executive Summary
According to the 2020 Verizon Data Breach Investigations Report, over 80% of
breaches due to hacking involved credentials, whether lost or stolen, to impersonate
users for further compromise.[1] Such cyber incidents are on the rise, creating
economic disruption and impacting national security.
This cybersecurity information sheet (CSI) provides recommendations for maturing
identity, credential and access management (ICAM) capabilities to effectively mitigate
such cyberattacks. It further discusses how these capabilities integrate into a
comprehensive Zero Trust (ZT) framework, as described in Embracing a Zero Trust
Security Model.[2] National Security System owners and operators should take
concrete steps to mature identity and access security controls and the operational
practices related to establishing digital identities and authenticating and authorizing
users to access critical resources. Doing so will provide system owners and operators
the ability to identify, resist, and respond to many cyber intrusion techniques.
Adoption of ZT principles is not accomplished overnight. Implementation is achieved
through careful and deliberate planning and continuous incremental improvements.
Building capabilities aligned to a mature ZT framework requires integrating every
system in the enterprise with the controls defined for each of seven pillars – User,
Device, Data, Application/Workload, Network/Environment, Visibility & Analytics, and
Automation & Orchestration, starting with the user pillar, which builds on existing ICAM
capabilities.