Design a Zero Trust adoption roadmap for [Business Unit] protecting WMS/TMS, fleet telematics/ELDs, and partner APIs. Define [Crown Jewels] (e.g., booking, yard slotting, manifests), segment identities/devices/workloads, and mandate continuous verification, least privilege, and micro-segmentation. Propose staged capabilities within [Time Horizon]: identity federation & MFA, device posture, network segmentation, privileged access, secure service mesh, and data-centric controls. Provide a financial view constrained by [Budget Cap], highlighting quick wins, deferred items, and dependencies. Outline governance involving [Key Stakeholders] and integration with existing SOC tooling.
Output format requirements: (1) Capability heatmap (Current/Target/Gap); (2) 3-phase roadmap with milestones, dependencies, and outcomes; (3) RACI for delivery/governance; (4) KPI set with targets (e.g., % privileged sessions brokered, policy coverage); (5) Risk-reduction narrative (≤120 words).