A Zero Trust Module for Cybersecurity Education
A Zero Trust Module for Cybersecurity Education
A Zero Trust Module for Cybersecurity Education
File Size:
1.35 MB
Xinli Wang, Vijay Bhuse, Yuan Cheng
Date:
27 November 2024
Zero Trust (ZT) is a conceptual and architectural framework for cybersecurity teams to design networks into secure micro-perimeters and strengthen data security with dynamic and context-aware policies by systematically integrating state-of-the-art technology, risk management, and threat intelligence. Both theoretical analysis and industrial practice have shown that ZT can ensure that organizations are not victims of known attacks or fail to discover a breach for a long time. ZT has recently gained momentum in industry to defend against lateral movement of malicious actors in today's borderless networks. The United States 2021 President Executive Order requires the federal government must adopt security best practice and advance toward a Zero Trust Architecture (ZTA). However, it is not a trivial task to implement a ZTA due to its novelty and complexity. We need to understand what ZT or ZTA is to take full advantage of it. Therefore, there is a need to introduce the fundamental concepts, principles, and architectures of ZT in cybersecurity courses at a college to better prepare our new cybersecurity professionals for their careers.
In the last few years, we have developed a module and used it to introduce ZT in cybersecurity courses at senior undergraduate and graduate levels. Students' feedback is positive. This module includes an introduction to ZT and its principles, design issues in the traditional model of perimeter-based network security, zero trust architectures, security benefits of ZT, technical challenges to implement a ZTA, and the main threats to ZT networks. This article provides an overview of this module. We will also share the experience and lessons we have learned in our teaching practice. Our work will provide a good reference for those who teach cybersecurity courses at a college or university, or are developing a cybersecurity curriculum. It will also help busy professors develop or revise a zero trust module for their cybersecurity courses.
Powered by Phoca Download
Copyright © 2024 CISSE™. All rights reserved.