Publication Peer Review
CCM v4 - CISA Zero Trust Maturity Model v2.0 Mapping
Open Until: 12/17/2024
This project aims to assist organizations in various stages of their Zero Trust (ZT) implementation, particularly in the context of cloud computing and security. The focus is on aligning the Cloud Security Alliance’s (CSA) Cloud Controls Matrix (CCM) v4.0 with the Zero Trust Maturity Model (ZTMM) v2.0 developed by the Cybersecurity and Infrastructure Security Agency (CISA). By mapping relevant CCM controls to the CISA ZTMM this project illustrates the controls’ relationship with ZT Pillars and cross-cutting capabilities, offering guidance on how each control can support organizations in progressing through the ZT maturity model.
The overarching goal is to anchor ZT implementation and operationalization efforts with well-established cloud security controls, facilitating governance, risk management, and compliance (GRC) in a Zero Trust environment. This mapping and gap analysis serves as a strategic tool for organizations to navigate the complexities of ZT adoption, while also highlighting any areas where CCM controls may need to be expanded or adapted to fully support ZT best practices.