• The objective of the course and certification is to meet the increasing need for a zero-trust approach in information security.
  • The course incorporates fundamental zero-trust best practices from reputable sources like the Cybersecurity and Infrastructure Agency and the National Institute of Standards and Technology.

The first-ever zero-trust training and credential program in the cybersecurity industry, the Certificate of Competence in Zero Trust, was recently announced by the Cloud Security Alliance.

The CCZT provides a thorough grasp of zero-trust architecture, its components, and its operation. The National Institute of Standards and Technology and the Cybersecurity and Infrastructure Agency are two organizations that have published fundamental zero-trust best practices that are covered in the course. It encompasses efforts related to the Software Defined Perimeter by CSA Research and insights from esteemed zero-trust experts, including John Kindervag, the founder of this philosophy.

The course and certification aim to meet the increasing need for a zero-trust paradigm in information security. According to a Gartner poll, 60% of organizations are projected to adopt zero trust by 2025. The CSA asserts that a zero-trust approach will become a necessity for organizations and an essential skill for various security professionals, encompassing security engineers and architects, C-suite executives, and other decision-makers.

The alliance wants obtaining the CCZT to be essential for businesses with strong security postures and for security experts to ensure they are prepared to implement the strong security measures needed when adopting a zero-trust strategy.

A wide range of people from businesses and organizations are among the first recipients of the CCZT, including Waverly Labs, Resilient Systems Inc.,  Illumio Inc., Okta Inc., the Department of Defense, ZScaler Inc., 6point6 LLC, CrowdStrike Holdings Inc., Hudl Inc., Fischer Identity Corp., Securosis Inc., Pacific Northwest National Laboratory, Ericom Software Inc., Cognitio Corp., CISA, Mastercard Inc., and The MITRE Corp.

Patrick Tiquet, Vice President of security and architecture at password and secret management company Keeper Security Inc., said, “Having a cybersecurity professional who can authenticate an in-depth understanding of zero-trust architecture, its components and its functioning with a reputable source such as the CSA Certificate of Competence in Zero Trust is indispensable.”

Tiquet said, “The formal recognition of zero-trust expertise through a certificate assures organizations that the certified professional has undergone the training and demonstrated proficiency in designing and implementing effective zero-trust architectures. This credibility not only helps accelerate the adoption process but will also reduce risks associated with the implementation, as organizations can rely on these certified professionals to make informed decisions aligned with zero-trust principles.”

The threat mitigation company Merlin International Inc.’s Cybersecurity Solutions Engineer, Dean Webb, called CCZT “ideal for disseminating these ideas that really need to be adopted not just by security professionals, but by all people in IT.”

Webb added, “Security principles apply to everything we do, from coding web payments portals to answering emails from strangers. The low total cost of certification makes it ideal for self-starters who have their own personal goals. People in other areas of IT that are looking to get into security would do well to snap it up.”