InfoSecBulletin Cybersecurity for mankind
CSA has introduced the CCZT, which is the industry’s first zero trust certification. CSA explained that the certification addresses the changing world of widespread technology and the shortcomings of outdated security approaches. Its goal is to provide security experts with the necessary knowledge to create and execute a zero trust strategy.
Zero trust is seen by many as the future of information security. Jim Reavis, CEO and co-founder of the Cloud Security Alliance, highlighted its usefulness in different areas like industrial control systems, cloud computing, and generative AI.
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems
Paraguay 7.4 Million Citizen Records Leaked on Dark Web
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation
SoftBank: Over 137,000 personal info leaked
Alert
Trend Micro Apex One Flaw Allow Attackers to Inject Malicious Code
“Zero Trust ‘never trust, always verify’ principles are clearly the path forward, and we anticipate virtually all organizations to apply this strategy to diverse technological environments in order to protect strategic assets and prevent breaches,” Reavis said.
CCZT program provides a comprehensive education that includes best practices endorsed by industry experts, standards bodies, and governments. It incorporates principles from sources like CISA, NIST, CSA Research, and the expertise of zero trust pioneer John Kindervag.
“Having an actual measuring stick could be the impetus that companies need to really commit to ZTA [zero trust architecture(s)] and understand the outcomes,” commented Jonathan Trull, chief security officer at Qualys. “Being certified will help organizations establish clear goals and be more effective in implementation.”
CCZT is expected to be important for organizations adopting zero trust. Gartner estimates that 60% adoption will happen by 2025. Dean Webb from Merlin Cyber agrees with this.
“As firms add CCZT to their list of desired and required certifications, it will drive IT professionals in general to seek the certification as a gateway to future opportunities,” Webb said. “As that happens, firms will adopt more zero-trust practices simply because they have the staff on hand that understand them and want to see them in place.”
