Zero Trust Architecture Technical Exchange Meeting
The NIST National Cybersecurity Center of Excellence (NCCoE) and the Federal CIO Council hosted a two-day Technical Exchange Meeting on Zero Trust Architectures on November 13-14, 2019.
Over the past year, NIST NCCoE cybersecurity researchers have had the opportunity to work closely with the Federal CIO Council, federal agencies, and industry to address the challenges and opportunities for implementing zero trust architectures across U.S. government networks. This work has resulted in publication of draft NIST Special Publication (SP) 800-207, Zero Trust Architecture. Through this event, we built on previous work and took steps to further strengthen relationships among industry and government to address gaps and advance the state of readiness of zero trust architectures.
Meeting Goals
Through collaboration with this community, the NCCoE and the Federal CIO Council:
- provided a forum for critical decision makers and stakeholders to enumerate zero trust cybersecurity requirements and challenges for federal networks/systems
- shared current successes, best practices, and lessons learned in implementing zero trust in the federal government and the commercial sector
- provided a setting for government and industry to connect, network, and share big-picture federal needs and ideas around zero trust in a “no sales pitch” environment
- gathered feedback from key zero trust stakeholders on current NIST efforts in NIST SP 800-207, Zero Trust Architecture, and areas where NIST and the Federal CIO Council are best suited to support zero trust efforts moving forward
Presentations
The following presentations were given during the two-day event:
- NIST SP 800-207, Zero Trust Architecture Draft Status Update
- Zero Trust at DHS (accessible through MAX.gov)
- DISA's Perspective: Zero Trust Concepts and Terminology
- Practitioner Presentation: NASA
- Practitioner Presentation: Alcohol and Tobacco Tax and Trade Bureau (accessible through MAX.gov)
- Practitioner Presentation: Adobe
- Practitioner Presentation: Interfaith Medical Center
- Vendor Tech Talk: Okta
- Vendor Tech Talk: Duo Security
- Vendor Tech Talk: Forescout
- Vendor Tech Talk: Cyxtera
- Vendor Tech Talk: Zscaler
- Vendor Tech Talk: Cisco
- Vendor Tech Talk: Palo Alto Networks
- Vendor Tech Talk: Forcepoint