The National Security Agency has issued a cybersecurity information sheet outlining recommendations for reaching progressive levels of workload and application capabilities under the zero trust framework.
The document titled Advancing Zero Trust Maturity Throughout the Application and Workload Pillar seeks to help organizations ensure continuous workload visibility and protect applications from unauthorized users, NSA said Wednesday.
“This guidance helps organizations disrupt malicious cyber activity by applying granular access control and visibility to applications and workloads in modern network environments,” said Dave Luber, director of cybersecurity at NSA.
“Implementing a Zero Trust framework places cybersecurity practitioners in a better position to secure sensitive data, applications, assets, and services,” added Luber.
According to the guidance, the application and workload pillar of the zero trust framework relies on five capabilities: application inventory, secure software development and integration, software risk management, resource authorization and integration and continuous monitoring and ongoing authorizations.
The document states that conducting an inventory of applications and workloads is a critical step to implementing zero trust.
“These resources must be identified and categorized to prioritize cybersecurity protection requirements for critical assets, especially of application updates,” the guidance reads.
In April, NSA released guidance for pushing zero trust maturity throughout the data pillar.
Join the Potomac Officers Club’s 2024 Cyber Summit on June 6 and hear cyber experts, government and industry leaders discuss the latest trends and the dynamic role of cyber in the public sector. Register here.