The U.K.’s National Cyber Security Centre (NCSC) has launched its “Zero Trust Architecture Design Principles,” providing guidance to help entities design and review a zero trust architecture that meets their unique requirements. As described by the NCSC, “zero trust is an architectural approach where inherent trust in the network is removed, the network is assumed hostile and each request is verified based on an access policy” (you can read more about zero trust at the NCSC here). The guidance includes eight principles, which include knowing your architecture, assessing user behavior, and not trusting any network (including you own), among others. The NCSC notes that it will also publish a set of blog posts covering some key topics for migration to a zero trust architecture, as defined by its principles. Read more and access the principles at NCSC.