{"id":99540,"date":"2021-11-03T09:00:06","date_gmt":"2021-11-03T16:00:06","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?p=99540"},"modified":"2023-05-15T23:01:21","modified_gmt":"2023-05-16T06:01:21","slug":"evolving-zero-trust-lessons-learned-and-emerging-trends","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2021\/11\/03\/evolving-zero-trust-lessons-learned-and-emerging-trends\/","title":{"rendered":"Evolving Zero Trust\u2014Lessons learned and emerging trends"},"content":{"rendered":"

Looking back at the last two years, to say that our security strategies have evolved would be an understatement. Organizations around the world made overnight transitions to remote work models in response to a global pandemic, forcing them to reassess attack surface areas as they underwent an accelerated digital transformation. Meanwhile, cybercriminals seized new opportunities\u2014introducing COVID-19-themed social engineering campaigns and accelerated ransomware attacks. Nation-state actors launched increasingly bold and sophisticated nation-state attacks.1<\/sup><\/p>\n

In this environment, security transformation has become key to survival. The mandate to explicitly verify every access request, focus on least privilege access overall, and constantly assume breach to maintain vigilance was made clear, as exemplified by calls from governments and businesses worldwide to accelerate the adoption of Zero Trust strategies<\/a>.<\/p>\n

Sidebar:<\/strong> Zero Trust is a proactive, integrated approach to security across all layers of the digital estate that explicitly and continuously verifies every transaction, asserts least privilege, and relies on intelligence, advanced detection, and real-time response to threats.<\/em><\/p><\/blockquote>\n

The evolution of Zero Trust<\/h2>\n

Microsoft has embraced Zero Trust<\/a> to defend our own estate and as a guiding principle for the development of our products. We have also helped thousands of our customers\u2014including Siemens<\/a>\u2014 deploy Zero Trust strategies, accelerate their digital transformation, and increase frequency of advanced attacks using our Zero Trust architecture.<\/p>\n

\"Microsoft<\/a><\/p>\n

Figure 1: Learnings across thousands of Zero Trust deployments have informed our Zero Trust architecture, which emphasizes the critical importance of integrating policy enforcement and automation, threat intelligence, and threat protection across security pillars.<\/em><\/p>\n

Lessons learned and emerging trends<\/h2>\n

Today, we\u2019re publishing the new whitepaper, Evolving Zero Trust<\/a>, to share the key lessons we\u2019ve learned by embracing Zero Trust at Microsoft and supporting thousands of organizations in their Zero Trust deployments. This informs our beliefs on Zero Trust implementations needed to evolve to adapt and keep organizations protected. We\u2019re also sharing the evolution of our recommended Zero Trust architecture and maturity model that has been informed by these insights.<\/p>\n

Highlights from the paper include:<\/h3>\n

\"Cover<\/a><\/p>\n