Security News > 2021 > February > NSA, Microsoft promote a Zero Trust approach to cybersecurity
The National Security Agency and Microsoft are advocating for the Zero Trust security model as a more efficient way for enterprises to defend against today's increasingly sophisticated threats.
Google implemented zero-trust security concepts following Operation Aurora in 2009 for an internal project that became BeyondCorp. Zero Trust defense for critical networks.
The recent SolarWinds supply-chain attack, also attributed to a nation-state actor, renewed the discussion on the benefits of the zero trust security architecture for sensitive networks.
The above diagram from Microsoft shows how Zero Trust security with a security policy enforcement engine can assess in real-time.
To show the benefits of a Zero Trust network, the NSA gives three examples based on real cybersecurity incidents where the threat actor would have been unsuccessful if the concept had been implemented.
"Once even basic or intermediate Zero Trust capabilities are integrated into a network, follow-through is necessary to mature the implementation and achieve full benefits," the NSA says.