IN NIST WE (DON’T) TRUST
NIST’s National Cybersecurity Center of Excellence is seeking public feedback for a draft project on zero trust, the concept of treating all users as threats until they’re fully authenticated. “This NCCoE project will demonstrate a standards-based implementation of a zero trust architecture,” the draft reads. “Publication of this project description begins a process that will further identify project requirements and scope, as well as the hardware and software components for use in a laboratory environment. In the laboratory, the NCCoE will build a modular, end-to-end example zero trust architecture(s) that will address a set of cybersecurity challenges aligned to the NIST Cybersecurity Framework.” Once completed, NIST will make a free guide available.