Federal Zero Trust SecOps service design strategy

How a cross-functional DevSecOps service design strategy addresses complexity and reduces risk at U.S. Centers for Medicare and Medicaid

Challenge

Zero Trust is a countercurrent to traditional perimeter-based security practices. Published Cybersecurity and Infrastructure Security Agency (CISA) guidance helps us get better at employing accurate, least privileged, per-request access in information systems and services facing a network assumed to be compromised. This guidance means that every resource should be untrusted until proven otherwise. Most of what’s published on Zero Trust Architecture (ZTA) dives into the technical requirements and engineering processes that flow toward a given Zero Trust Maturity (ZTM) while offering instruction on what it may take to reach the successive maturity level.

However, challenges arise when organizations open the console or the conference room to start making changes to existing security workflows, governance documentation, or working processes. All guidelines acknowledge that every organization has a different starting block depending on its existing configurations. Implementing Zero Trust principles with existing SecOps is not a monolithic operation but an ongoing and, often, a zigzag process involving identity, infrastructure, networking, applications, and more. It quickly becomes evident that moving toward a Zero Trust Architecture (ZTA) requires cross-functional, interdisciplinary collaborations between DevSecOps experts, governance specialists, and business process influencers. How might we approach the challenge?

Stakeholders

Application development teams, ISSOs, and Infrastructure.

Role

Service Design Strategist, Information Systems Technology

Collaborators

Security Architect, Security Engineers, Governance Experts, Business Owner, Component Director


Methods

  • Stakeholder map
  • User interviews and ride-along
  • Archetypes and Personas
  • Cluster analysis
  • JTBD
  • Data mining
  • Service blueprint
  • Gap Analysis
  • Value feasibility analysis
  • Stakeholder training

Approach

The batCAVE Zero Trust strategy builds on existing security practices but evolves them through an agile collaboration between leadership, DevSecOps, governance, and human-centered service design. We begin with the end in mind and view security from the inside out (starting from data, network, and resources) rather than the outside in (starting from the perimeter). We separate our efforts into three swim lanes, People, Platform, and Playbook, navigating change management and software implementation in four design phases: Discover, Define, Develop, and Deliver.

Software

Figma, Coda, Confluence, Jira, Dovetail, Contentful, Mural, Miro

Bonus Material

To better socialize Zero Trust, a new concept in the federal DevSecOps environment, we developed a typefont-based logo. This allowed us to use our branding across platforms and input devices. Whether in a polished presentation or in an ASCII-compatible line of code, the Zero Trust initiative could leave its brand mark in line.

ZERO(/}TRUST

ZERO(/}TRUST