One Security Framework to Address Zero Trust, NIST, CARTA, CDM, and HVA
Well, the industry now understands where Cisco is going!
A modern security framework/architecture should be designed to cover all the important security frameworks and compliance requirements.
Cisco has been developing a comprehensive end-to-end, cross-domain network architectural approach over the last 7 years. This represents the first complete implementation of what Gartner calls “intent-based networking” in the industry. Most importantly, Cisco doesn’t “bolt” security onto the network, but rather designs it into your framework/architecture.
While putting together various presentations for NIST, Zero Trust, CARTA, and CDM, I realized that the risks, use cases, best practices, and required capabilities are very similar. With help from many peers at Cisco, we put this practical approach together. We realized this approach also addresses FedRAMP, HIPAA, PCI, FITARA, and the Federal DoD’s HVA as well. One cybersecurity approach to address them all (hmm, Tolkien anyone?). So, map the required capabilities out first, and understand what you have and where the gaps are. Then, address the capability gaps in your plans over the next 1-3 years.
Most of these approaches, like Zero Trust and CARTA, are evolutions, not revolutions. Rather than rip-and-replace, you can leverage what your current capabilities provide and, with Cisco solutions, make improvements in your cybersecurity framework/architecture over time.
Cisco has a NIST and Zero Trust Assessment offering and process that can be of great help by providing consultants with years of experience and our own practical methodology. Our services team takes an agnostic approach as no customer is “All Cisco.” Your organization is doing well if you can consolidate your cybersecurity framework to an integrated ecosystem—instead of siloed individual solutions that do not talk to each other. That said, a small amount of capability diversity via our partners adds to your defense in depth.
Why is this one framework/architecture approach important? In 5 years, after you have rolled out your desired NIST or Zero Trust framework addressing CDM or HVA, another new framework evolution or organizational imperative may drive yet more change. With very little effort, you can continue to support your digital transformation with a mission-focused secure architecture using this approach.
Trend – fewer checklists, more risk management to provide better decisions around automation and policy implementations.
While there is a set of “go-to” top common capabilities, any solution needs to take a deliberate approach that is tailored to your network and organization’s goals. Please bring in Cisco Security Advisory Services to help you.
Cisco can help you do a strategy or NIST/Zero Trust assessment to understand your risks, key use cases, and the capabilities you have and need. We can help you with planning, workshops, analysis (heat map, maturity level, readiness assessment), and next steps, including recommendations for you to take forward. Don’t forget that we can also help you with networking, collaboration, IoT, data center, cloud, and service support as well.
News… Take a look at the NIST 800-207 draft for Zero Trust that just came out Sept 23rd, 2019. Zero Trust’s design approach added design suggestions. https://csrc.nist.gov/publications/detail/sp/800-207/draft