Guidance relates to CISA’s Zero Trust Maturity Model, which covers identity, devices, networks, applications and networks, and data
Alice Chambers |
Microsoft has released new guidance for the Cybersecurity Infrastructure Security Agency (CISA)’s Zero Trust Maturity Model to help US governments to use Microsoft cloud services securely.
CISA’s model encourages organisations to transition to a zero-trust architecture by helping them to develop security strategies and implement plans. It splits the advice into five key areas of focus including identity, devices, networks, applications and networks, and data.
“The model also integrates capabilities that span across all pillars, to enhance cross-function interoperability – including visibility and analytics, automation and orchestration, and governance,” said Steve Faehl, federal security chief technology officer at Microsoft, in a blog post titled ‘New Microsoft guidance for the CISA Zero Trust Maturity Model’. “Microsoft’s Zero Trust Maturity Model guidance serves as a reference for how government organisations should address key aspects of pillar-specific functions for each pillar using Microsoft cloud services.”
The guidance covers features that are available now in Microsoft clouds such as Microsoft Security Exposure Management, Microsoft Entra ID, Microsoft Intune and Microsoft Defender XDR.