Zero Trust Maturity Mind Maps

Tiago Souza1 year ago03/09/2023No tagsMindMaps

Zero Trust Maturity Mind Map

Reference: Evolving Zero Trust – Microsoft Position Paper.

Ever since the term Zero Trust came out regarding cyber security, manufacturers, partners, and professionals have provided a range of perspectives. Some manufacturers provide Zero Trust to one specific area like identity or devices. Some businesses may view Zero Trust as something to buy off the shelf.

The reality, however, is that Zero Trust is a process or strategy if you will. It is also a moving target in the since that, with recent technologies and approaches, the ability to achieve Zero Trust is always ongoing.

In this context Microsoft takes the following approach to Zero Trust. First, we look at three major principles.

Verify Explicitly
Least Privilege Access
Assume Breach

Second, we look at six major pillars where Zero Trust needs to be applied. These pillars are all interconnected and make up an IT ecosystem and are applied to on-premises and multi-cloud environments.

Identity
Endpoint/Devices
Apps
Data
Infrastructure
Network

Lastly, there is a set of Zero Trust Policies that run throughout the six pillars.

Policy Enforcement
Threat Protection

Because this is comprehensive and covers an IT ecosystem, Zero Trust needs to be looked at from a maturity level rather than from a point solution or a set of solutions.

The mind map models in this section cover three maturity models, Basic/Getting Started, Advanced, and Optimal. Each model has a link that explains the six pillars and how they relate to a maturity level for each model.

Because we look at this from a maturity standpoint, the question is not if businesses are doing Zero Trust, most are doing some portion, but how mature are they in the Zero Trust process and at what level within each pillar.

By taking this approach, security professionals can look at the environment and determine the gaps and how to address them.

We hope these models help to clarify what it means to have Zero Trust within a business and empower security teams to build a solid Zero Trust foundation.

Jeff Van Gundy TS-Security, Microsoft
Jeff Van Gundy, CISSP | LinkedIn

“Most businesses aren’t in the business of security, but security can help them stay in business.”

All material is based and derived from Evolving Zero Trust – Microsoft Position Paper.

Download the Basic – https://cybergeeks.cloud/wp-content/uploads/2023/03/Zero-Trust-Maturity_Basic.pdf

Download the Advanced – https://cybergeeks.cloud/wp-content/uploads/2023/03/Zero-Trust-Maturity_Adv anced.pdf

Download the Optimal – https://cybergeeks.cloud/wp-content/uploads/2023/03/Zero-Trust-Maturity_Optimal.pdf

add a comment

Tiago Souza

Security Technical Specialist

Cyber Security Technical Specialist at Microsoft | Cloud Security & Threat Protection | Blog content creator at CyberGeeks.Cloud - https://linktr.ee/tiagovf

view all posts

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Performance

Analytics

Others

Multilingual WordPress with WPML

Zero Trust Maturity Mind Maps

Tiago Souza

Microsoft Defender Threat Intelligence (MDTI) Mind Map

Microsoft Defender Mind Map

Search

Contact

Popular Posts

#Lab: How to integrate Alien Vault OTX Threat Indicators into Microsoft Sentinel

KQL fundamentals – Let statement

KQL Overview – Kusto Query Language

Useful Links

Comments

Tiago Souza

You may also like

Microsoft Defender Threat Intelligence (MDTI) Mind Map

Microsoft Defender Mind Map

#Lab: How to integrate Alien Vault OTX Threat Indicators into Microsoft Sentinel

KQL fundamentals – Let statement

KQL Overview – Kusto Query Language