logo
Home

Blog Details

Scroll

Microsoft Backs DoD’s Zero Trust Strategy

Posted by Marbenz Antonio on December 5, 2022

Free Stock Photo of Zero Trust - Zero Trust Network - Cyber Security - Concept | Download Free Images and Free Illustrations

The Department of Defense (DoD) today announced its formal Zero Trust strategy, marking an important step toward the DoD’s goal of achieving enterprise-wide adoption by 2027. According to the Microsoft Digital Defense Report 2022, the approach comes at a vital time because US government networks continue to face roughly half of all international nation-state attacks.

Microsoft applauds the Department of Defense’s continuous efforts to update and improve its cybersecurity approach. cThe latest update provides critical details for implementing the Zero Trust strategy, including clear guidance for the DoD and its vendors on 45 distinct capabilities and 152 total activities.

While Zero Trust programs have been underway in many departments for years, this new plan needs to integrate efforts to build a strong, proven defensive posture against attacker methods. Collaboration on Zero Trust has been tough across the industry since comparing Zero Trust solutions across organizations and technology stacks can be difficult. The level of detail provided in the DoD’s strategy, on the other hand, provides a vendor-agnostic, common lens to evaluate the maturity of a variety of existing and upcoming implementations generated from the DoD’s unique insights into cyberspace operations.

Additionally, the DoD’s change from a compliance and controls-based strategy to an outcomes-focused methodology—that is, when the adversary ceases, not merely when the controls are in place—stands out as a best practice not seen elsewhere to this level.

Building a Secure Foundation for Zero Trust together

The strategy is based on strong business and public sector collaborations, which is why Microsoft was invited by the DoD to discuss how its Zero Trust criteria would transfer to new and existing computer systems.

Microsoft is perfectly prepared to support the DoD in achieving its Zero Trust mission as both a top provider of cloud services to the government and a security firm. Microsoft is recognized as a Leader in seven Forrester Wave™ categories and five Gartner® Magic Quadrant™ studies, which together reflect the full range of purpose-built security products needed to achieve Zero Trust results. These elements are pre-integrated to offer a solid foundation and a quick route to comprehensive coverage across the 45 Zero Trust capabilities and the seven DoD pillars, allowing both target and advanced activities.

The strong foundation is further enhanced by an open ecosystem of more than 90 partner Zero Trust solutions from top security firms that directly interface with our platform, in addition to comprehensive coverage of the DoD’s most recent capability needs.

Some of them include:

  • Tenable and Microsoftto support vulnerability evaluations for hybrid cloud workloads by integrating Tenable.io with Microsoft Defender for Cloud and Microsoft Sentinel products.
  • Yubico and Microsoftto prevent phishing attacks, Microsoft Azure Active Directory recently released certificate-based authentication (CBA) for Windows, iOS, and Android devices using the YubiKey hardware security key.
  • Conquest Cyberthe ARMED™ Platform, based on Microsoft Sentinel, to assist agencies in creating and managing solutions to address cyber risk with real-time visibility of their posture, guided by compliance, maturity, and effectiveness.

Last but not least, Microsoft is deeply dedicated to promoting cyber resilience and strengthening our country’s cyber defenses. Our efforts to develop useful, interoperable Zero Trust approaches and architectures with the National Institute of Standards and Technology’s (NIST’s) National Cybersecurity Center of Excellence (NCCoE) and our ongoing participation in the Joint Cyber Defense Collaborative established by the Cybersecurity & Infrastructure Security Agency both provide examples of this responsibility (CISA).

Real-world pilots and implementations are driving continuous learning and improvement

The DoD has embraced this feature of the Zero Trust concept by analyzing ongoing pilots and evaluations as a research and development activity. The Zero Trust philosophy is deeply anchored in lessons learned. Microsoft has worked with many DoD departments in recent years to speed up the adoption of zero trust through a number of pilot and production deployments, giving agencies a predictable path to achieving their objectives.

One such instance is the cutting-edge Flank Speed program of the US Navy, which combines significant federal and DoD initiatives to safeguard almost 500,000 identities and devices while improving user experience. Many of the Zero Trust initiatives outlined in the DoD’s strategy are already being used by the Navy as part of its extensive deployment, which includes components like continuous authorization, big data, and comply-to-connect (C2C).

Here at CourseMonster, we know how hard it may be to find the right time and funds for training. We provide effective training programs that enable you to select the training option that best meets the demands of your company.

For more information, please get in touch with one of our course advisers today or contact us at training@coursemonster.com

Recent posts

Verified by MonsterInsights