(TLP:CLEAR) CISA Guidance Helps Organizations Modernize Network Security with Zero Trust and SASE

Summary: Yesterday, CISA published new guidance, The Journey to Zero Trust: Using Secure Access Service Edge in a Modern TIC 3.0 Solution, to help organizations modernize legacy perimeter-based network architectures. The guidance is primarily intended for federal civilian agencies, but CISA notes that state and local governments, critical infrastructure entities, and other organizations may also find it useful as they transition toward a zero trust architecture.

The publication explains how Secure Access Service Edge, or SASE, can support Trusted Internet Connections 3.0 by combining networking capabilities, such as software-defined wide area networking, with security functions such as secure web gateways, cloud access security brokers, zero trust network access, and next-generation firewalls. CISA states that this approach can improve performance, reduce latency, and increase visibility and control across distributed environments.

Analyst Note: Although the guidance is written for federal agencies, its underlying message is relevant to the water sector. Utilities are increasingly supporting remote work, cloud-hosted services, third-party access, and distributed operational environments, all of which can strain traditional perimeter-based security models.

WaterISAC encourages members to review the guidance as a planning resource, not simply as a federal architecture document. Useful takeaways for members include:

• Move away from implicit trust.
• Apply access controls based on identity and device context.
• Improve visibility across cloud and remote access pathways.
• Ensure that modernization efforts preserve logging, monitoring, and incident response capabilities.

Original Source: https://www.cisa.gov/resources-tools/resources/using-sase-modern-tic-30-solution

Related WaterISAC PIRs: 6, 12