Structured guidance on business drivers, key technologies, deployment strategies, and metrics is critical to developing an effective zero trust strategy. Yet many executives also benefit from observations about the journey that provide a real-world perspective on considerations, roadblocks, and workaround options. Our zero trust thought leadership group discussions (and internal conversations about ZT) elicited observations that may help inform CISOs as they move to tie strategy to frameworks and activity plans.
Every hiring manager (and job seeker) understands the distinction between “hard skills,” which relate directly to core job requirements, and “soft skills,” which are important to a professional’s ability to function effectively in a business environment. A similar distinction applies to ZT strategy development.
CISOs need to address specific issues that are—and ought to be—critical points of emphasis for the CIO, senior leadership team (SLT), and board of directors:
- Why invest in zero trust?
- What capabilities will we need?
- What does the path forward involve?
- How will we measure progress or success?