Tuesday, 15 November 2022 17:00

Adopting Zero Trust, combined with cyber resilience principles

Written by Evelyn Alas

In the last two years, due to unprecedented events, companies adopted a hybrid model that replaced the conventional full-time office model. This shift drove companies of all types to the cloud, leading to concerns among leaders that their organizations would become less secure and more prone to cyberattacks.

This has led organizations such as Microsoft, among many others, to find ways to react to such attacks. The consensus of governments and businesses worldwide recognizes that this is an imperative and that there is a need to accelerate the adoption of a Zero Trust strategy. Rather than assuming that everything behind the corporate firewall is protected, the Zero Trust model assumes a breach and verifies every request as if it originated on an open network. Regardless of where the request originates or what resources it attempts to access, Zero Trust teaches us to "never trust, always verify".

"As attackers know that data is the greatest asset of organizations in the digital era, security must be a priority, because a cyber attack can wipe out a company: data breaches have an average cost of 3.9 million dollars and organizations can take an average of 57 days to detect it, when it may already be too late to repair the damage. It is clear that we must take a new look at information security and cybersecurity, because what we had in mind for the on-site world is not enough to face these new realities", explained Jaime Menéndez, Country manager of Microsoft El Salvador.

After supporting thousands of implementations and observing the growing threat landscape, we have reviewed and evolved the Zero Trust architecture around these three principles:

Zero Trust Principles

  • Verify explicitly - Always authenticate and authorize based on all available data points, including user identity, location, device health, service or workload, data classification and anomalies.
  • Use least privilege access - Limit user access with just-in-time and just-enough access, and quickly implement risk-based adaptive policies and data protection to help protect both data and productivity.
  • Assume breach - Minimize the blast radius and segment access. Verify end-to-end encryption and use analytics to gain visibility, drive threat detection and improve defenses.

"If we want to keep our data protected against cybercriminals, it's important to invest in tools and capabilities that limit information loss and constantly monitor for any data leaks or exposures. For all these reasons, organizations are in the process of appropriately addressing their cybersecurity issues through a Zero Trust strategy. All organizations need a new security model that adapts more effectively to the complexity of the modern environment, embraces the hybrid workplace and protects people, devices, applications and data wherever they are", said Marcelo Felman, director of Cybersecurity for Latin America at Microsoft.

Five steps to successfully implement a Zero Trust strategy:

Zero Trust requires verifying and checking the trustworthiness of every transaction between systems (user identity, device, network and applications) before it happens. In an ideal Zero Trust environment, the following behaviors are critical:

  1. Strengthen credentials - Use multi-factor authentication (MFA) everywhere, as well as strong password guidance, and continue on the path to a passwordless environment. The additional use of biometrics ensures strong authentication for user identities.
  2. Reduce the attack surface - Disable the use of older, less secure protocols, restrict access to entry points, adopt cloud authentication, and exercise greater control over administrative access to resources.
  3. Automate threat response - Enforce MFA or block risky access, and require a secure password change when risk is detected. Implement and automate the response rather than waiting for a human agent to react to the threat.
  4. Use cloud intelligence - Consult Microsoft Secure Score (a numerical summary of the organization's security posture based on system configurations, user behavior and other related security measures). Monitor and process audit logs to learn from them and strengthen policies based on those learnings.
  5. Empower employees with self-service - Implement self-service password reset, provide self-service access to groups and applications, and provide users with secure repositories for downloading applications and files.
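The principles and steps above describe how a Zero Trust policy engine decides each request: verify explicitly from every available signal, block legacy protocols and high-risk sign-ins, step up to MFA for medium risk or untrusted locations, and scope what is granted. The following is an added illustration written for this article, not Microsoft's code or a real conditional access implementation; the signal names, thresholds, resource labels and sample requests are all constructed for the example.

```python
"""Added example: a minimal Zero Trust policy evaluator modelled on the
principles and steps in the article. Signals, thresholds and sample
requests are constructed assumptions, not a real product's policy model."""
from collections import Counter
from dataclasses import dataclass, field
from typing import Dict, List

ALLOW, REQUIRE_MFA, BLOCK = "allow", "require_mfa", "block"


@dataclass
class AccessRequest:
    user: str
    resource: str
    sensitivity: str        # constructed labels: "internal" or "confidential"
    mfa_satisfied: bool     # strong credential already presented this session
    device_compliant: bool  # device health signal (e.g. from MDM/EDR)
    location_trusted: bool  # request came from a known corporate location
    legacy_protocol: bool   # older protocol that cannot carry MFA
    sign_in_risk: str       # "low", "medium" or "high" from risk analytics


@dataclass
class Decision:
    outcome: str
    reasons: List[str] = field(default_factory=list)
    session_hours: int = 0  # least privilege: how long the grant is valid


def evaluate(req: AccessRequest) -> Decision:
    """Treat every request as if it arrived from an open network."""
    # Step 2 (reduce the attack surface): legacy protocols are disabled outright.
    if req.legacy_protocol:
        return Decision(BLOCK, ["legacy protocol disabled"])
    # Step 3 (automate threat response): high risk is blocked without a human.
    if req.sign_in_risk == "high":
        return Decision(BLOCK, ["high sign-in risk"])
    # Principle 1 (verify explicitly): confidential data needs a healthy device.
    if req.sensitivity == "confidential" and not req.device_compliant:
        return Decision(BLOCK, ["non-compliant device for confidential resource"])
    # Collect the signals that require a stronger credential.
    reasons = []
    if req.sign_in_risk == "medium":
        reasons.append("medium sign-in risk")
    if not req.location_trusted:
        reasons.append("untrusted location")
    if req.sensitivity == "confidential":
        reasons.append("confidential resource")
    if reasons and not req.mfa_satisfied:
        return Decision(REQUIRE_MFA, reasons)
    # Principle 2 (least privilege): grant, but keep the session short for
    # sensitive data so access has to be re-verified.
    hours = 1 if req.sensitivity == "confidential" else 8
    return Decision(ALLOW, reasons or ["all signals healthy"], hours)


def audit_summary(decisions: List[Decision]) -> Dict[str, int]:
    """Step 4 (use cloud intelligence): aggregate outcomes for policy review."""
    return dict(Counter(d.outcome for d in decisions))


# Constructed sample requests covering each branch of the policy.
SAMPLE_REQUESTS = [
    AccessRequest("alice", "finance-db", "confidential", True, True, True, False, "low"),
    AccessRequest("bob", "mailbox", "internal", False, True, True, True, "low"),
    AccessRequest("carol", "wiki", "internal", False, False, False, False, "medium"),
    AccessRequest("dave", "finance-db", "confidential", True, False, True, False, "low"),
    AccessRequest("eve", "wiki", "internal", True, True, True, False, "high"),
]


def run_samples() -> List[Decision]:
    return [evaluate(r) for r in SAMPLE_REQUESTS]


if __name__ == "__main__":
    results = run_samples()
    for req, dec in zip(SAMPLE_REQUESTS, results):
        print(f"{req.user:6} {req.resource:11} -> {dec.outcome:12} {dec.reasons}")
    print(audit_summary(results))
```

The ordering of the checks is the point: hard blocks (legacy protocol, high risk, unhealthy device on confidential data) are decided before any step-up, so an attacker cannot satisfy MFA to bypass them, and the allow path still bounds the session rather than granting open-ended access.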

"Implementing a Zero Trust strategy is not at all complex. The steps are hygiene measures that should be considered in any company that wants to protect itself and mitigate security risks. The Zero Trust model protects us against 98% of attacks. To combat that 2% of vulnerabilities, Microsoft applies five steps to achieve cyber resilience", said Felman.

Microsoft’s five steps to cyber resilience:

  1. Accept that vulnerability is inherent in hybrid work and improve resilience - Leaders are concerned, as nearly 40% of security breaches committed last year affected their business. Now that hybrid work is here to stay, dispersed cloud networks are difficult to protect, and companies no longer have the option of reverting to an internal corporate network. To protect their companies, leaders must hire cloud experts to work on cloud security and help organizations achieve more secure, compliant and productive outcomes.
  2. Limit how far ransomware attackers can go - Ransomware increased 1,070% between July 2020 and June 2021. The severity of attacks is increasing, with nearly $20 billion in damages in 2021. By 2031 that figure is predicted to exceed USD $265 billion. In approximately 48% of ransomware attacks, victims reported that the attacks caused operational downtime, exposure of sensitive data and reputational damage. To reduce attacks, leaders should adopt the Zero Trust principles mentioned above.
  3. Elevate cybersecurity to a strategic business function - Studies show dramatic similarities between the perception of vulnerability and a mature security posture that addresses security as a strategic business function. Nine out of ten security leaders who feel vulnerable to attack perceive security as "a business catalyst." Security leaders must evaluate their Zero Trust strategy, as this resilient security posture transforms security from a protective service into a strategic business catalyst.
  4. Recognize that they may already have what it takes to manage growing threats - Mature security organizations are realistic about the threats in today's digital environments and optimistic about their ability to meet future challenges. For example, while nearly 60% of leaders view networks as a vulnerability, 40% believe this problem will continue for another two years. To achieve this, leaders need to ensure that their current security investments, such as endpoint detection and response; email security; identity and access management; cloud access security brokers; and integrated threat protection tools, are properly configured and fully deployed.
  5. Implement basic security features - Almost all cyber-attacks could be stopped if multi-factor authentication (MFA) were enabled and least privilege access, software updates, anti-malware installation and data protection were enforced. However, adoption of strong identity authentication remains low. It needs to start with identity: "Having strong identity protection in place, whether it's MFA, passwordless authentication or other defenses such as conditional access policies, minimizes the opportunity and makes it extremely difficult to conduct an attack", explains Christopher Glyer, director of Threat Intelligence at the Microsoft Threat Intelligence Center (MSTIC).

If organizations want to prevent ransomware attacks, they must limit the scope of damage and force attackers to work harder to gain access to multiple critical enterprise systems.