Why Zero Trust is the right mindset for the defense and intelligence industry
In July 2019, Kurt DelBene, Milo Medin, and Richard Murray wrote, The Road to Zero Trust (Security), for the Defense Innovation Board. In it, they stated:
“…cybersecurity is at a critical juncture. Its networks are growing in size and complexity, requiring massive amounts of rapid data transfer to maintain situational awareness on the digital and physical battlefield. This expansion is stretching existing cybersecurity apparatuses to their breaking point, as an ever-growing number of users and endpoints increases the attack surface of the network.”
Just a few months later, the Coronavirus pandemic accelerated the inevitable at an unforeseen rate by forcing organizations to extend their perimeters to homes with ‘dirty internet’ and shared computers. Add to that the complexity of bad nation-state actors, the growth of edge computing from sub-sea to geosynchronous orbit, the use of AI and other technologies, and it is apparent that there must be a revolutionary change in cybersecurity—enter Zero Trust.
Every modern security conversation eventually gets to the term “Zero Trust.” Nowhere is this truer than within defense and intelligence agencies. Here, cybersecurity is the foundation of every mission-capability conversation, regardless of service branch or nation.
Our conversations with military leaders, personnel, civilians, and mission partners are driven by creating a true Zero Trust culture. As Vasu Jakkal, Microsoft CVP for Security, Compliance, and Identity wrote in her blog, Zero Trust is the foundation for organizational resilience and the future of security. As Jakkal notes, Microsoft has two security superpowers—an integrated approach and our amazing AI and automation which creates a security framework that is unique in the industry. We tackle security from all angles, both inside-out and outside-in.
Let’s delve into the what, why, and how of Zero Trust and what it means for our defense and intelligence customers.
What is Zero Trust
The National Institute of Standards and Technology (NIST) defines Zero Trust as the following:
- An evolving set of cybersecurity paradigms that move network defenses from static, network-based perimeters to focus on users, assets, and resources.
- Based on the assumption there is no implicit trust granted to assets or user accounts based solely on their physical or network location.
- A response to enterprise network trends that include remote users and cloud-based assets that are not located within an enterprise-owned network boundary. Zero Trust focuses on protecting resources, not network segments, as the network location is no longer seen as the prime component to the security posture of the resource.
Using a particular network can no longer be the gate to grant access to every system, asset, or data resource. A modern approach to cybersecurity leverages these Zero Trust Principles to enable conditional access.
This approach includes:
- Explicit verification. This always authenticates and authorizes based on all available data points, including user identity, location, device health, data classification, and anomalies.
- Least privilege access. This means that dynamic, risk-based policies will allow just enough access for the limited time that it is needed to balance security and productivity based on the needs of the person requesting access.
- Assume breach. This minimizes the scope of breach damage and prevents lateral movement by segmenting access by network, user, devices, and application and leverages increased visibility to drive better threat detection analytics.
Why defense and intelligence agencies should care
Today’s defense and intelligence agencies need a security model that more effectively adapts to the complex modern environment, embraces the mobile workforce and protects people, devices, apps, and data wherever they are located.
By implementing a Zero Trust framework, your agency can:
- Improve enterprise visibility
- Reduce IT complexity
- Provide superior data protection and exfiltration detection
- Reduce security workloads
- Deliver a superior user experience
- Employ in conjunction with or in preparation for cloud migration
How Microsoft can help
At Microsoft, we recognize that most defense industry organizations have embarked upon a Zero Trust journey. Microsoft understands what it takes to assess where you are on your journey and accelerate a Zero Trust security model as we’ve done it within our own company to secure corporate and customer data. Our phased implementation of Zero Trust centers on strong user identity, device health verification, validation of application health, and secure, least-privilege access to corporate resources and services. We’ve shared our learnings and our approach with our customers, and our internal experience has provided us with unique insight and products as to how we can help our customers implement the same Zero Trust frameworks.
These include:
Microsoft Azure Active Directory (Premium 2)
- Azure ATP
- Conditional Access
- Identity Protection
- Information Protection/DLP
- Application Proxy for Hybrid Workloads
Microsoft 365
- Defender ATP
- Intune
- O365 Conditional Access w/DLP
- Windows Hello for Business (WHfB)
Microsoft Consulting Services
- Zero Trust Security
- Cloud Security Planning
- Modern Work Security
- Enterprise Cybersecurity Advisory Services
- Azure Security Modernization
Get more information on Microsoft’s work with defense and intelligence agencies. For more in-depth coverage on our Zero Trust pillars and how we can help, visit our Zero Trust website.
