Pentagon posts guidance on implementing zero trust for operational technology
The Defense Department recently published a new document outlining how organizations should apply zero-trust cybersecurity principles for operational technology systems.
Posted in November by the Pentagon’s chief information office, the guidance includes 105 zero-trust activities and capability outcomes to implement in operational technology (OT) environments — including 84 activities considered minimum “target levels” and 21 for “advanced levels” of zero trust. In addition, the list is divided across seven pillars: users; devices; applications and workloads; data; networks and environments; automation and orchestration; and visibility and analytics.
Zero trust is a cybersecurity concept that assumes networks are always compromised by adversaries, meaning the Pentagon must implement controls to consistently monitor and authenticate users and their devices.
Read more at DefenseScoop