Zero Trust Maturity Matters: Modeling Cyber Security Focus Areas and Maturity Levels in the Zero Trust Principle

Abstract

Society is getting more dependent from information technologies - which means that the Confidentiality, Integrity and Availability (CIA) must be guaranteed -, thus the cybersecurity of information systems needs to be improved. At the current date, the complexity of networks has increased exponentially. On top of that, networks will keep extending well outside the controllable borders of enterprises. To solve this problem, enterprises must start letting go of Trust but Verify and start embracing the Zero Trust principle. This research created a Zero Trust Maturity Model (ZeTuMM) that enterprises should use to start with the Zero Trust principles implementations, as well as grow in their Zero Trust maturity. After testing this model at various companies, this research serves as a road sign to continue the work on Zero Trust cybersecurity.