{"id":124726,"date":"2022-11-22T12:40:00","date_gmt":"2022-11-22T20:40:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?p=124726"},"modified":"2023-05-15T23:06:13","modified_gmt":"2023-05-16T06:06:13","slug":"microsoft-supports-the-dods-zero-trust-strategy","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/11\/22\/microsoft-supports-the-dods-zero-trust-strategy\/","title":{"rendered":"Microsoft supports the DoD’s Zero Trust strategy"},"content":{"rendered":"\n

The Department of Defense (DoD) released its formal Zero Trust strategy<\/a> today, marking a major milestone in its goal of achieving enterprise-wide implementation by 2027. The strategy comes at a critical time as United States government networks continue to face nearly half the global nation-state attacks that occur, according to the Microsoft Digital Defense Report 2022.1<\/sup><\/p>\n\n\n\n

Microsoft applauds the DoD\u2019s ongoing efforts to modernize and innovate its approach to cybersecurity. The DoD released its initial Zero Trust reference architecture shortly before last year\u2019s White House executive order on cybersecurity2<\/sup> and quickly followed with Version 2.0 in July 2022.3<\/sup> The latest update provides crucial details for implementing the Zero Trust strategy, including clear guidance for the DoD and its vendors regarding 45 separate capabilities and 152 total activities. <\/p>\n\n\n\n

While Zero Trust initiatives have been underway for years across various departments, this updated strategy seeks to unify efforts to achieve a strong, proven defensive posture against adversary tactics. Collaborating on Zero Trust<\/a> has been a challenge across the industry as it can be difficult to compare Zero Trust implementations across organizations and technology stacks. However, the level of detail found in the DoD’s strategy provides a vendor-agnostic, common lens to evaluate the maturity of a variety of existing and planned implementations that were derived from the DoD’s unique insights into cyberspace operations.<\/p>\n\n\n\n

Furthermore, the DoD\u2019s shift from a compliance and controls-based approach to an outcomes-focused methodology\u2014meaning the job is done when the adversary stops, not just when the controls are in place\u2014stands out as a best practice not seen elsewhere to this extent.<\/p>\n\n\n\n

Building a secure foundation for Zero Trust together<\/h2>\n\n\n\n

Strong industry and public sector partnerships are at the heart of our approach, which is why Microsoft was invited by the DoD to discuss how its Zero Trust definitions would map to new and existing computing environments.<\/p>\n\n\n\n

Microsoft is uniquely suited to support the DoD in its Zero Trust mission as both a leading cloud service provider to the government and a security company. Microsoft is recognized as a Leader in five Gartner\u00ae Magic Quadrant\u2122 reports4,5,6,7,8,9<\/sup> and seven Forrester Wave\u2122 categories,10,11,12,13,14,15,16<\/sup> representing a full array of fit-for-purpose security tools to achieve Zero Trust outcomes. These components are pre-integrated to provide a strong baseline and a fast path to comprehensive coverage across the DoD’s seven pillars and 45 capabilities of Zero Trust to achieve both target and advanced activities.<\/p>\n\n\n\n

Beyond comprehensive coverage of the DoD\u2019s latest capabilities requirements, our strong baseline is further enhanced by an open ecosystem of more than 90 partner Zero Trust solutions from leading security companies that integrate directly with our platform. To name a few:<\/p>\n\n\n\n