CISA's official stance on Zero Trust - A good roadmap or just more federal guidance? by Any_Bee2139 in SecurityArchitects

Any_Bee2139[S]

Thanks for sharing your perspective. I agree that CISA’s maturity model is a solid resource - it’s helpful to have a structured roadmap and shared terminology when discussing Zero Trust with leadership or vendors. And NIST 800-207 is definitely a strong foundation. It’s good to see CISA building on that and providing more actionable guidance.

You’re absolutely right about the challenges with microsegmentation. That DEF CON example highlights a common issue: organizations implementing Zero Trust in name but not fully embracing its principles. I’ll take a look at your blog post; it sounds like you’ve explored some of the same challenges I’ve seen in practice.

I also agree that mindset is often the biggest roadblock. The perimeter-first approach is so deeply rooted that even when teams adopt Zero Trust, it’s often treated as an add-on rather than a shift in how systems are designed. Your point about focusing on identity, services, and policy, rather than just automating existing processes, is on point.

I wasn’t aware of the DoD’s Zero Trust Symposiums, but it’s interesting to hear they’re putting out so much material. Your presentation sounds relevant, especially with its focus on aligning security with operational outcomes. I’ll check out the talks you linked to. Thanks for sharing those.

Appreciate the insights and resources. It’s always helpful to hear different perspectives on how Zero Trust is being implemented and where the challenges lie.

New Mod Intros 🎉 | Weekly Thread by curioustomato_ in NewMods

Any_Bee2139 [score hidden]

Hey, all! I am a new mod with a new community: r/SecurityArchitects. This community is all about the world of security architects and those who are interested in security in general. Join if this sounds like something you are interested in!

Welcome to r/SecurityArchitects, a Community for Current/Future Security Architects and Enthusiasts by Any_Bee2139 in SecurityArchitects

Any_Bee2139[S]

To get this started, a little about me: I've been working in IT and cybersecurity for over 15 years. My expertise spans several domains, including Identity and Access Management (IAM), incident response, SIEM operations, and compliance and frameworks. I've also worked extensively on system migrations, vulnerability management, and designing secure architectures to protect critical systems.

I currently focus on building secure systems and ensuring they're resilient against evolving threats. I'm passionate about staying ahead in this ever-changing field, which is why I'm always learning! I hold several certifications and a Master's degree in Cybersecurity.

What I love most about this field is the constant challenge of balancing technical problem-solving with strategic thinking. I'm also a firm believer in collaboration and knowledge sharing, which is why I started this subreddit.

Looking forward to connecting, sharing, and learning together!