Behind the Curtain with a CCZT Developer: Head of Identity Security Sesh Ramasharma

The Certificate of Competence in Zero Trust (CCZT) is the first vendor-neutral credential available for industry professionals to demonstrate their expertise in Zero Trust principles. The certificate provides an in-depth understanding of Zero Trust architecture, drivers, benefits, and how to plan for adoption. Earning the CCZT is critical for security professionals seeking to advance their careers and for organizations who must maintain strong security postures.

In this blog series, we’re interviewing developers of the CCZT about the importance of the certificate and who should consider earning it. In this first blog, we’re interviewing Sesh Ramasharma, Global Head, Identity Security Product Line, HCLTech.

1. How is the CCZT certificate program different from other cybersecurity certificate programs?

CCZT is the only certificate program focused on all things Zero Trust. It provides valuable insights to security practitioners with a comprehensive look at the impact Zero Trust considerations have on various aspects of cybersecurity architecture. You get a more drilled down perspective that helps you become a 360-degree player in the security space.

2. Why did you want to get involved in the development of the CCZT?

I wanted to give back to the field that I have worked hard in over the years to gain valuable insights and experience. I also wanted to repay the wider security practitioner community that I have been part of and has helped me in many ways throughout my career.

3. What did you learn or come to understand better while working on the CCZT?

Working in the Zero Trust Working Group taught me that trust is not a binary concept. It's not just a matter of whether or not you trust someone or something. Rather, it's a complex and dynamic process that involves continuous validation and verification of identities, devices, and actions. Just like how zero is both a number and a concept in mathematics, Zero Trust is both a security model and a mindset that requires a fundamental shift in how we approach cybersecurity. In other words, I learned that Zero Trust is not just about building walls around our assets, but about rethinking the way we build and maintain trust in our digital environments.

On another front, it was also a great remote global team with people I did not know or work with before.

4. Who should earn their CCZT?

Anyone who is a serious practitioner or even a stakeholder in information security/cybersecurity should put time into the CCZT. In today's information world where the adoption of cloud and cybercrime are a given, it becomes even more relevant and critical to understand how to protect your organizational assets. CCZT is a very important part of this journey.

5. Why is the CCZT important?

Zero Trust is particularly important in the cloud because traditional security models that rely on network perimeters and firewalls are no longer sufficient to protect against the ever-evolving threat landscape. With the increasing use of cloud services and mobile devices, there are more entry points for attackers to exploit, making it imperative to adopt a Zero Trust security approach.

By assuming that everything is untrusted until verified, Zero Trust ensures that every request, user, device, and application is continuously validated and authenticated before being granted access to sensitive resources. This reduces the risk of unauthorized access, data breaches, and other security incidents, while providing greater visibility and control over the entire IT environment. Overall, implementing Zero Trust in the cloud provides a higher level of security and helps organizations mitigate the risks associated with a constantly changing threat landscape.

6. Any final thoughts?

There is so much more to do, so much more to accomplish in this field. It is important that we pool our collective experiences and insights together to build a framework that sets the foundation, evolves, and stands the test of time.

Learn more about the Certificate of Competence in Zero Trust (CCZT) here.