Get Permission The U.S. National Security Agency has issued "zero trust" guidance aimed at securing critical networks and sensitive data within key federal agencies. The NSA adds it is also assisting Defense Department customers with the zero trust implementations. The new guidance issued Thursday describes some of the basic zero trust principles, such as "assume breach," and lays down zero trust design concepts. It also describes threat scenarios and how organizations can prevent these attacks using the zero trust model. "NSA strongly recommends that a zero trust security model be considered for all critical networks within national security systems, the Department of Defense’s critical networks and Defense Industrial Base critical networks and systems," the guidance states. "Adopting zero trust will enable systems administrators to control how users, processes and devices engage with data. These principles can prevent the abuse of compromised user credentials, remote exploitation or insider threats and even mitigate effects of supply chain malicious activity."