Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Join AT&T Cybersecurity in Chicago to learn top 2024 resilience tactics on May 21st!

Behind the Curtain with a CCZT Developer: Director Zenith Law

Home
Industry Insights
Behind the Curtain with a CCZT Developer: Director Zenith Law

Blog Article Published: 12/18/2023

The Certificate of Competence in Zero Trust (CCZT) is the first vendor-neutral credential available for industry professionals to demonstrate their expertise in Zero Trust principles. The certificate provides an in-depth understanding of Zero Trust architecture, drivers, benefits, and how to plan for adoption. Earning the CCZT is critical for security professionals seeking to advance their careers and for organizations who must maintain strong security postures.

In this blog series, we’re interviewing developers of the CCZT about the importance of the certificate and who should consider earning it. In this fourth blog, we’re interviewing Zenith Law, Director of Zenospace.


1. How is the CCZT certificate program different from other cybersecurity certificate programs?

The CCZT certificate program is considered an evolving and disruptive extension to other cybersecurity certificate programs, specifically in the context of moving defenses from static, network-based perimeters to focusing on protecting resources with the principles of “assume breach” and “never trust, always verify.”


2. Why did you want to get involved in the development of the CCZT?

In the past 20+ years, I have always made myself available for contributing my knowledge to organisations, especially non-profit-making ones, with the aim of building a better knowledge-driven future in a collaborative manner. Meanwhile, I felt privileged to collaborate with CSA and contribute to the development of the CCZT since Zero Trust is believed to be an essential element for evolving architectures and technologies, including but not limited to: Open Radio Access Network (Open RAN), Secure Access Service Edge (SASE), Industry 4.0, and Generative Artificial Intelligence (GenAI).


3. What did you learn or come to understand better while working on the CCZT?

My knowledge of the Zero Trust planning and implementation process, Zero Trust Maturity Model, deployment models of a software-defined perimeter (SDP), automated enforcement of access policies, supply chain risk management, and automation and orchestration for the implementation of a Zero Trust Architecture (ZTA) has been greatly improved.


4. Who should earn their CCZT?

Any practitioner who genuinely embraces the principle of “never trust, always verify” and the evolution of our decentralised future with Zero Trust and software-defined everything should earn their CCZT.


5. Any final thoughts?

Throughout my engagement as both an exam item writer and exam item reviewer, the people and processes of the Cloud Security Alliance for engaging stakeholders and contributors, communicating about exam items, and performing quality control, were found to be brilliant and agile.


Learn more about the Certificate of Competence in Zero Trust (CCZT) here.

TrainingZero TrustCCZT

Share this content on your favorite social network today!

Future Cloud
Related Resources
Zero Trust Advancement Center
Tools and resources to guide your Zero Trust implementation.
Y2Q - The Quantum Countdown
The countdown to quantum destruction has begun, are you ready?
Global Security Database
Understand vulnerability discovery, reporting, tracking, and classification.
Latest from CSA
Virtual Cloud Trust Summit 2024
AT&T Cybersecurity in Seattle
This Year’s Zero Trust Opportunity for Security Professionals
Trending This Week
#1 The 5 SOC 2 Trust Services Criteria Explained
#2 What You Need to Know About the Daixin Team Ransomware Group
#3 Mitigating Security Risks in Retrieval Augmented Generation (RAG) LLM Applications
#4 Cybersecurity 101: 10 Types of Cyber Attacks to Know
#5 Detecting and Mitigating NTLM Relay Attacks Targeting Microsoft Domain Controllers
Secure your cloud data with Zero Trust Training
Related Articles:
The Future of Cloud Cybersecurity

Published: 04/29/2024

This Year’s Zero Trust Opportunity for Security Professionals

Published: 04/26/2024

How to Prepare Your Workforce to Secure Your Cloud Infrastructure with Zero Trust

Published: 04/24/2024

What’s in a Name? Defining Zero Trust for Leaders

Published: 04/22/2024