Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
CSA Startup Showcase
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Participate in the CSA Top Threats to Cloud Computing 2025 peer review to help shape industry insights!

CCZT Contributors

CCZT Overview
Home
Contributors
Certificate of Competence in Zero Trust
We extend our appreciation to the individuals whose dedication and expertise have made the development of the CCZT exam possible. Each of the contributors have volunteered their time and resources, leaving a mark on this certification. Their collaborative efforts and commitment to excellence have been instrumental in shaping the course content and ensuring its quality.

Contributors to the CCZT receive a digital badge that demonstrates their expertise in Zero Trust principles and their collaboration in developing a CSA certification. The digital badge recognizes their achievement and can be displayed online on social media, resumes, etc.

If you have any questions or have interest in participating in future course or certification development, you can email CSA at support@cloudsecurityalliance.org.

View the contributors to the Certificate of Competence in Zero Trust courses:

CCZT ContributorsIntroduction to Zero Trust Architecture
Introduction to Software-Defined PerimeterKey Features & Technologies of Software-Defined Perimeter
Architectures & Components of Software-Defined PerimeterZero Trust Planning
Zero Trust ImplementationZero Trust Strategy

Developers

Samuel Aiello
Samuel Aiello
Principal Network Solution Architect, Verizon Business

Samuel Aiello

Principal Network Solution Architect, Verizon Business

Over 30 years of civilian and military experience selling, implementing and supporting global operations & services. Primary experience focused in the areas of Zero Trust Network Access (ZTNA), Secure Access Service Edge (SASE), Software Defined WAN (SD-WAN), 5G Multi-Access Edge Computing (MEC), Secure Network Fabric, DDoS Mitigation Services, Software Defined Perimeter (SDP), Secure Cloud Gateway, and DNS Security.

Expertise in desi...

Read more

Daniele Catteddu
Daniele Catteddu
Chief Technology Officer, CSA

Daniele Catteddu

Chief Technology Officer, CSA

Daniele Catteddu is an information security and risk management practitioner, technologies expert and privacy evangelist with over 15 of experience. He worked in several senior roles both in the private and public sector. He is member of various national and international security expert groups and committees on cyber-security and privacy, keynote speaker at several conferences and author of numerous studies and papers on risk management, ...

Read more

Michael J Herndon Headshot Missing
Michael J Herndon
IT Senior Compliance Manager, Bayer A.G.

Michael J Herndon

IT Senior Compliance Manager, Bayer A.G.

Juanita Koilpillai
Juanita Koilpillai
Pioneer of Software Defined Perimeter

Juanita Koilpillai

Pioneer of Software Defined Perimeter

Juanita Koilpillai was Founder and CEO of Waverley Labs, a pioneer in software defined perimeters (SDP) and digital risk reduction solutions. She had 30 years’ experience researching and developing systems in computer security, network management and real-time distributed software. She led the open source software-defined perimeter (SDP) effort for ‘black’ apps in the cl...

Read more

Richard Lee
Richard Lee
Director Architecture / Infrastructure Architect / Security Architect / Cloud Architect at R Lee Associates

Richard Lee

Director Architecture / Infrastructure Architect / Security Architect / Cloud Architect at R Lee Associates

Vani Murthy
Vani Murthy
Sr. Information Security Compliance Advisor, Akamai Technologies

Vani Murthy

Sr. Information Security Compliance Advisor, Akamai Technologies

Vani has 20+ years of IT experience in the areas such as Security, Risk, Compliance, Cloud services (IaaS/PaaS/SaaS) architecture

Read more

Michael Roza
Michael Roza
Risk, Audit, Control and Compliance Professional at EVC

Michael Roza

Risk, Audit, Control and Compliance Professional at EVC

Since 2012, Michael Roza has been a pivotal member of the Cloud Security Alliance (CSA) family. He has contributed to over 125 projects, as a Lead Author or Author/Contributor and many more as a Reviewer/Editor.
Michael's extensive contributions encompass critical areas including Artificial Intelligence, Zero Trust/Software Defined Perimeter, Internet of Things, Top Threats, Cloud Control Matrix, DevSecOps, and Key Management. H...

Read more

Abhishek R. Singh Headshot Missing
Abhishek R. Singh
Co-Founder and CEO, Araali Networks

Abhishek R. Singh

Co-Founder and CEO, Araali Networks

Agnidipta Sarkar
Agnidipta Sarkar
Group CISO, Biocon

Agnidipta Sarkar

Group CISO, Biocon

Agnidipta Sarkar has been evangelizing Cybersecurity, Privacy, Business Continuity, Digital Resilience, and Standardization through speaking at industry forums like Gartner, IDC, EC-Council, ISMG, BCI Global, CORE Resilience, etc. and through his contributions to standards bodies like the ISO, Cloud Security Alliance, and the Business Continuity Institute. He is a member of ISO panels for security & privacy, continuity & resilience, and ris...

Read more

Michael Shurman Headshot Missing
Michael Shurman
CTO Product, Ravtech

Michael Shurman

CTO Product, Ravtech

Heinrich Smit
Heinrich Smit
CISO & Risk Management at Semperis

Heinrich Smit

CISO & Risk Management at Semperis

Heinrich is a recognized Information Protection and Zero Trust expert who started out in Law, and pivoted to his love of technology during the Tech Boom. He has led teams at software innovators and large financial institutions, has authored entire Information Security Policy stores, and has protected data at both 280,000 seat regulated enterprises and SAAS-based startup unicorns. He is passionate about Privacy and Zero Trust, as well as Def...

Read more

Juan Carlos (Charlie) Soto
Juan Carlos (Charlie) Soto
vCISO

Juan Carlos (Charlie) Soto

vCISO

Charlie Soto is a v-CISO at Mandiant now part of Google Cloud. Charlie holds a Master's Degree in Cyber Security from the University of West London. Having written his dissertation on Zero Trust Architecture he regularly contributes to the CSA Zero Trust Working Group by direct development or reviewing of training/research.

Read more

Prasad T
Prasad T
Head - Information Security at Verse Innovation

Prasad T

Head - Information Security at Verse Innovation

Editors

Adil Abdelgawad
Adil Abdelgawad
Health Information Systems Software Analyst, 3M

Adil Abdelgawad

Health Information Systems Software Analyst, 3M

Abbas Kudrati
Abbas Kudrati
Director – APAC Chief Cybersecurity Advisor, Microsoft

Abbas Kudrati

Director – APAC Chief Cybersecurity Advisor, Microsoft

Abbas Kudrati, a long-time cybersecurity practitioner and CISO, is Microsoft Asia’s Lead Chief Cybersecurity Advisor for the Security Solutions Area. In addition to his work at Microsoft, he serves as an executive advisor to Deakin University, LaTrobe University, HITRUST ASIA, EC Council ASIA, and several security and technology start-ups. He supports the broader security community through his work with ISACA Chapters and student mentorship...

Read more

Lauren Fishburn Headshot Missing
Lauren Fishburn

Lauren Fishburn

Remo Hardeman Headshot Missing
Remo Hardeman
Security Architecture Consultant, Omerta Information Security

Remo Hardeman

Security Architecture Consultant, Omerta Information Security

Jerod Hollen
Jerod Hollen
Web / Content Developer, CSA

Jerod Hollen

Web / Content Developer, CSA

Junaid Islam
Junaid Islam
Secure Communications Expert

Junaid Islam

Secure Communications Expert

Junaid Islam is the CTO and founder of Vidder which provides distributed access control solutions to Fortune 500 companies. Prior to founding Vidder, Junaid founded Bivio Networks which developed the first Gigabit speed software based securityin the industry. Earlier in his career Junaid helped create networking standards such as Frame Relay, ATM and MPLS while...

Read more

Shruti Kulkarni
Shruti Kulkarni
Information Security Architect, Elexon

Shruti Kulkarni

Information Security Architect, Elexon

I am a security professional with experience across various domains of security. I work in defining organisation’s security strategy, security architecture and security practices. Translating business objectives and risk management strategies into specific security processes enabled by security technologies and services. I work on gap analysis, design, implementation and...

Read more

Naresh Kurada
Naresh Kurada
Director – Cloud Security Engineering, Deloitte

Naresh Kurada

Director – Cloud Security Engineering, Deloitte

James Lam
James Lam
Strategy and Consulting Manager, Accenture

James Lam

Strategy and Consulting Manager, Accenture

I was a contributor as an expert reviewer for the ZTA/SDP training materials.

Read more

Jenna Morrison Headshot Missing
Jenna Morrison
Interior Designer

Jenna Morrison

Interior Designer

Hannah Rock
Hannah Rock
Content Development Manager, CSA

Hannah Rock

Content Development Manager, CSA

Anna Campbell Schorr
Anna Campbell Schorr
Training Program Director, CSA

Anna Campbell Schorr

Training Program Director, CSA

Stephen Smith
Stephen Smith
Senior Graphic Designer, CSA

Stephen Smith

Senior Graphic Designer, CSA

Anusha Vaidyanathan
Anusha Vaidyanathan
Director – Product Management, Zscaler

Anusha Vaidyanathan

Director – Product Management, Zscaler

Jacob Kline
Jacob Kline
Principal Cyber Architecture and Resiliency Engineer at MITRE

Jacob Kline

Principal Cyber Architecture and Resiliency Engineer at MITRE

Successful exploitation of the United States by ever increasingly sophisticated cyber adversaries continues to accelerate and adversely impact American lives. Jacob Kline’s current pursuit is to maneuver the Department of the Air Force into the adoption of a Zero Trust Architecture, enabling the Warfighter to securely access data anytime and anywhere, and enhancing the DAF’s ability to project power over the adversaries of the United States...

Read more

Reviewers

Rajesh Ingle Headshot Missing
Rajesh Ingle
Professor in Computer Science and Engineering, IIIT

Rajesh Ingle

Professor in Computer Science and Engineering, IIIT

Ravi Adapa Headshot Missing
Ravi Adapa
Santander PLC

Ravi Adapa

Santander PLC

Asad Ali
Asad Ali
Director of Technology, Thales

Asad Ali

Director of Technology, Thales

Ryan Bergsma
Ryan Bergsma
Technology Director and Security Manager, CSA

Ryan Bergsma

Technology Director and Security Manager, CSA

Shinesa Cambric
Shinesa Cambric
Principal Product Manager, Microsoft

Shinesa Cambric

Principal Product Manager, Microsoft

Dr. Ron Martin
Dr. Ron Martin
Professor of Practice at Capitol Technology University

Dr. Ron Martin

Professor of Practice at Capitol Technology University

Dr. Martin is a Professor of Practice at Capitol Technology University. His work at Capitol Technology University is in the following functional areas Critical Infrastructure, Industrial Control System Security, Identity, Credential, and Access Management. Ron has relationships with a diverse mix of businesses. He serves as a board of directors for many profit and non-profit organizations. Ron retired from the United States (U. S.) Army in ...

Read more

Dr. Matthew Meersman Headshot Missing
Dr. Matthew Meersman
Principal Cyber Security Engineer at MITRE & PhD Student

Dr. Matthew Meersman

Principal Cyber Security Engineer at MITRE & PhD Student

Robert D. Morris
Robert D. Morris
Lead Cyber Security Architect at MITRE

Robert D. Morris

Lead Cyber Security Architect at MITRE

A cybersecurity expert with 16 years of experience ranging from incident response, forensics, solution engineering, risk management, compliance, security architecture, and leadership in industries such as high-tech, defense contracting, and public sector.

Read more

Alex Sharpe
Alex Sharpe
Managing Director at Sharpe42

Alex Sharpe

Managing Director at Sharpe42

Mr. Sharpe is a long-time (+30 years) Cybersecurity, Governance, and Digital Transformation expert with real-world operational experience. Mr. Sharpe has run business units and has influenced national policy. He has spent much of his career helping corporations and government agencies create value while mitigating cyber risk. This provides him a pragmatic understanding of the delicate balance between Business realities, Cybersecurity, and O...

Read more

Nishanth Singarapu Headshot Missing
Nishanth Singarapu
Principal – Cyber Security Architecture, Neustar

Nishanth Singarapu

Principal – Cyber Security Architecture, Neustar

Srinivas Tatipamula
Srinivas Tatipamula
Principal Security Advisor, Fairfax

Srinivas Tatipamula

Principal Security Advisor, Fairfax

C-CISO|CISSP|CISA|AWS CSS|AWS CSA|CDPSE|CISM|CGEIT|CRISC|ISO 27000LA|CCSK|ITIL-F|PMP|Bachelor of Economics (Hons)|Bachelor of Law| MS in Digital Forensics

Overall 30 plus years in IT and over 18 years in Cyber Security

Publications:

1. Cloud Security Alliance Internet of Things (IoT) Working Group IoT Security Controls Guide Version Published March 2019

2. CSA IoT Controls Matrix March 2019

3. ...

Read more