Who it's for:
- Zero Trust Architects and Implementation Teams
- CISOs and other CxOs
- Information Security Managers and Analysts
- Privacy and Compliance Officers
- IT Auditors and Assessors
- Software Developers
- Network Security Engineers
Defining the Zero Trust Protect Surface
Release Date: 03/05/2024
Working Group: Zero Trust
- The definition of Zero Trust and the Zero Trust protect surface
- How to initiate the Zero Trust implementation process by defining, analyzing, and prioritizing the organization’s protect surfaces
- How to identify the DAAS elements to be protected
- The risks and potential impacts of protect surface compromises
- The difference between the attack surface and the protect surface
Acknowledgements
Erik Johnson
Cloud Security Specialist & Senior Research Analyst, CSA
Worked for the Federal Reserve for many years and volunteered with the CSA with a focus on CCM/CAIQ V4, specifically the STA domain, and developing a comprehensive framework and guidance for defining and managing the cloud shared security responsibility model (SSRM).
I recently retired from the Federal Reserve and am now consulting with the CSA as a Senior Research Analyst with a focus on Zero Trust and Financial Services.
Shamik Kacker
Shruti Kulkarni
Cyber Security Architect at 6point6 & PhD Student
I am a security professional with experience across various domains of security. I work in defining organisation’s security strategy, security architecture and security practices. Translating business objectives and risk management strategies into specific security processes enabled by security technologies and services. I work on gap analysis, design, implementation and...
Krishna Narayanaswamy
Michael Roza
Risk, Control and Compliance Professional at EVC
Since 2012 Michael has contributed to over 100 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud K...