Zero Trust Architecture Review

Design a Zero Trust security architecture review for an existing network, identifying trust assumptions, lateral movement risks, and a phased implementation roadmap.

Cyber Security Analyst | Gemini, ChatGPT, Co-Pilot, Claude | High | Updated Mar-26

Prompt

Conduct a Zero Trust Architecture (ZTA) review for the following environment:

Current architecture overview:
Identity provider:
Current security controls:
Crown jewels — most sensitive assets:
Compliance requirements:
Team maturity:

Please produce a comprehensive review covering:

1. Trust Assumption Mapping — identify every implicit trust relationship currently in place (network segments, user roles, service accounts, third-party access)
2. Lateral Movement Risk Assessment — where could an attacker move freely once inside? Map the highest-risk paths
3. Identity & Access Gaps — evaluate current IAM posture against ZTA principles: least privilege, continuous verification, just-in-time access
4. Network Segmentation Analysis — assess micro-segmentation opportunities and east-west traffic risks
5. Data Protection Review — classify data flows and identify where sensitive data crosses trust boundaries unprotected
6. Phased Implementation Roadmap — a 3-phase plan (Quick Wins / Core Transformation / Full Maturity) with effort estimates and dependencies
7. KPIs & Success Metrics — how will we know Zero Trust is working?
8. Executive Narrative — a one-page business case summarising risk reduction and investment justification

Ask me any questions upfront that would help you tailor this to our specific environment.
