The National Security Agency has issued a cybersecurity information sheet offering recommendations to help system operators and owners mature identity, credential and access management capabilities to prevent cyberattacks.
“Malicious cyber actors increasingly exploit gaps and immature capabilities in the identity, credential, and access management of our nation’s most critical systems,” Kevin Bingham, critical government systems, zero trust lead at NSA, said in a statement published Tuesday.
“Our report provides recommendations that will help system operators strengthen identity protections to limit the damage of future compromises,” added Bingham.
The CSI titled “Advancing Zero Trust Maturity throughout the User Pillar” discusses how ICAM capabilities integrate into a comprehensive zero trust framework and outlines steps national security system operators should take to further develop access and identity security controls and operational practices when it comes to authorizing users to access key resources and establishing digital identities.
NSA said it will release additional guidance to help system operators streamline the integration of zero trust principles into enterprise networks.