An Interview with One of the Developers of CSA’s Zero Trust Training

These days, Zero Trust is a term that you can’t seem to get away from - and you shouldn’t want to! Zero Trust is based on the principle that no part of a computing and networking system can be implicitly trusted, including the humans operating it. This concept codifies an evolutionary approach to cybersecurity under a coherent framework and aims to challenge ineffective, traditional security models by embedding security from the inside out. Zero Trust has huge implications in raising the cybersecurity baseline across the board and eliminating significant systemic risk.

To further the mission of Zero Trust, CSA is developing a training program to give you the knowledge and skills necessary to define, plan for, and implement an effective Zero Trust strategy in your organization. The Zero Trust Training (ZTT) covers eight essential areas of Zero Trust knowledge, each composed of one or more online courses and a study guide.

The ZTT was developed by crowd-sourcing the collective experience of the industry. The perspectives of all stakeholders were taken into consideration, including Zero Trust consultants, existing and potential users, product vendors, and more. One of these contributors was Vani Murthy, Senior Information Security and Compliance Advisor at Akamai Technologies. Vani is an active member of several CSA working groups, including Serverless, Top Threats, and the SDP Expert Group. She has contributed to over a dozen CSA publications as an author, key contributor, and peer reviewer.

We interviewed Vani to get some more insights on the ZTT:

How is the ZTT different from other training programs out there? What unique needs is the ZTT helping solve in the market?

The ZTT is a one-stop-shop training that provides a comprehensive introduction to Zero Trust Architecture (ZTA). It makes any other foundational training on Zero Trust totally unnecessary. The training provides a high-level holistic view of ZTA where it covers Zero Trust foundations, objectives, benefits, planning considerations, implementation options, various use cases, and applications of Zero Trust.

In each of these sections, the ZTT provides a convincing argument for migrating from a traditional perimeter architecture to ZTA by influencing the learner to shift their mindset from trusting within the perimeter to withholding trust until a user, device, or even an individual packet has been thoroughly inspected and authenticated.

Why did you want to get involved in the development of the ZTT?

I enjoyed working with the Cloud Security Alliance team members and being a part of this unique offering.

Who should take this training?

Learners who have an interest in knowing more about Zero Trust should take this training. You should have a basic understanding of security concepts including network security, identification, authentication, authorization, and auditing (IAAA) to benefit the most from this training.

Why is the ZTT important?

In today’s world, organizations store data in databases across geographies spread over multiple clouds. As the perimeter expands from the traditional firewall model, it is important to change your mindset from trusting within the boundary to withholding trust until security checks have passed. ZTA is the future and is a must-know for IT professionals.

Learn more about CSA’s Zero Trust Training here and the certification exam you can take afterwards here.