The rapid evolution of cyber threats, coupled with the increasing complexity of modern IT environments, has rendered traditional perimeter-based security models ineffective. Organizations today operate across hybrid cloud infrastructures, distributed workforces, and interconnected supply chains, significantly expanding the attack surface. This paper proposes a comprehensive cybersecurity risk management framework grounded in Zero Trust Architecture (ZTA), emphasizing continuous verification, least privilege access, and micro-segmentation. The framework integrates established risk management methodologies with Zero Trust principles to provide a scalable, adaptive, and resilient security model. It further explores architectural design, implementation strategies, and operational considerations necessary for real-world adoption. The proposed model enables organizations to systematically identify, assess, and mitigate cybersecurity risks while aligning with modern regulatory and compliance requirements.
Tank Amit (Wed,) studied this question.