Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog

CSA’s New Zero Trust Training and Why It's Needed

Home
Industry Insights
CSA’s New Zero Trust Training and Why It's Needed

Blog Article Published: 10/10/2022

Written by Daniele Catteddu, Chief Technology Officer, CSA.

Zero Trust has possibly been the most mentioned concept in the cybersecurity arena over the last 12 months. For some, it is a revolutionary approach. For others, it is an evolution of a series of trends already ongoing for over a decade. Finally, there are people who consider it just a buzzword and new marketing stratagem to sell products.

Personally, I’m in the field of those who believe that it is a fantastic marketing locution that has the merit of summarizing under a coherent framework an evolutionary approach to cybersecurity. This approach aims to revisit the classical logic of security and push toward the idea of embedding security from the inside out.

In other terms: In my opinion, John Kindervag has the merit to bring under a coherent framework a few common sense approaches to modern cybersecurity (e.g., critical-assets-centric protection, least privilege, segregation of duties, context-based access policies, evidence-based trust, etc.) and give this framework a catchy name.


Industry Need

No matter which camp you are in, I think it is undeniable that there is a lot of confusion in the industry, and there are a lot of organizations that need support and guidance in their Zero Trust journey. Now, the choice of the word ‘journey’ is not casual, since Zero Trust is not a stand-alone project, but is a group expedition toward a moving target, with no final destination. The ultimate goal is a self-improving organization.

During this group journey, different skills and expertise are going to be required. The organization needs leaders to build a Zero Trust strategy, governance, and risk posture; data and assets owners to record and classify assets and define the right policies; infrastructure and network architects to define the IT and service structure; identity experts to design and improve IAM approaches; developers to build the right logic, orchestrations, and controls into the development pipelines, applications, and API; security experts to protect devices and built and automate controls; data analysts to make good use of the data/telemetry sources; etc.

In some cases, the necessary skills and expertise are already there; after all, we already see examples of cloud-native and Zero Trust-native companies. In other cases (possibly the majority), new knowledge would need to be acquired.


What CSA is Doing

CSA has made Zero Trust one of its strategic goals for the upcoming years and in March, we launched a flagship initiative called the Zero Trust Advancement Center (ZTAC). In this context, we are going to create an educational program that will include a comprehensive Zero Trust training curriculum and professional certificate. The training curriculum has the ambition to cover all the critical areas of the Zero Trust philosophy. It is structured in eight areas of knowledge:

  • Zero Trust Strategy and Governance, Risk, and Compliance
  • Zero Trust Architecture
  • Zero Trust Planning and Implementation
  • Visibility, Analytics, and Monitoring
  • Identity
  • Data, Assets, Applications, and Services (DAAS)
  • Device Security
  • Applications and Workloads

We are now unveiling the Zero Trust Training Curriculum and its high-level learning objectives. You can download the curriculum overview here.

In the upcoming weeks, we’ll start releasing the initial modules of our training. We’ll start with an Introduction to Zero Trust Architecture, followed by a series of three modules on Software-Defined Perimeter (SDP).

The fact that CSA has focused its initial effort on the networking component of Zero Trust doesn’t mean that we consider that a priority. We do recognize though, that ‘network’ seems to be the most mature area within the Zero Trust pillars and the one where the most literature and best practices have been created. Anecdotally, CSA initiated its Zero Trust research in 2013 with the SDP Working Group.

Expect additional modules on Zero Trust Planning and Implementation to be released at the beginning of 2023.


You can now develop and demonstrate an in-depth understanding of Zero Trust with CSA’s Certificate of Competence in Zero Trust (CCZT). Learn more here.

TrainingZero Trust

Share this content on your favorite social network today!

Latest from CSA
Virtual Cloud Trust Summit 2024
The State of AI and Security Survey Report
CSA's STAR: The Key to Cloud Security & Compliance
Trending This Week
#1 The 5 SOC 2 Trust Services Criteria Explained
#2 What You Need to Know About the Daixin Team Ransomware Group
#3 Mitigating Security Risks in Retrieval Augmented Generation (RAG) LLM Applications
#4 Cybersecurity 101: 10 Types of Cyber Attacks to Know
#5 Detecting and Mitigating NTLM Relay Attacks Targeting Microsoft Domain Controllers
Secure your cloud data with Zero Trust Training
Related Articles:
This Year’s Zero Trust Opportunity for Security Professionals

Published: 04/26/2024

How to Prepare Your Workforce to Secure Your Cloud Infrastructure with Zero Trust

Published: 04/24/2024

What’s in a Name? Defining Zero Trust for Leaders

Published: 04/22/2024

Implementing a Data-Centric Approach to Security

Published: 04/19/2024