Scott Rose, a computer scientist at the National Institute of Standards and Technology, told Federal News Network in an interview posted Tuesday that NIST’s Zero Trust Architecture Special Publication 800-207 seeks to help agencies and cyber experts come up with a “conceptual framework” to adopt zero trust principles within their network infrastructure and operations.
“Think of it as a set of principles in which to kind of generate a set of architecture and operations, which then become your zero trust architecture. And then when you execute that architecture and actually start building to it, you could say you are building a zero trust enterprise,” Rose said on the network’s Federal Monthly Insights – Zero Trust Month.
Rose stated that the NIST publication provides a series of models and approaches to develop an abstract map for zero trust architecture and offers examples of the connection between zero trust and current federal policies.
NIST issued the zero trust guidance’s initial draft last fall and then added a new subsection to the document. The agency will accept public comments on the revised draft guidance through March 13.