{"id":42370,"date":"2021-08-17T16:00:36","date_gmt":"2021-08-17T16:00:36","guid":{"rendered":"https:\/\/www.microsoft.com\/security\/blog\/?p=95586"},"modified":"2021-08-17T16:00:36","modified_gmt":"2021-08-17T16:00:36","slug":"microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/","title":{"rendered":"Microsoft and NIST collaborate on EO to drive Zero Trust adoption"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2021\/08\/SEC20_Security_035.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>2020\u2019s Nobelium attack sent shock waves through both government and private sectors. 2021 has already seen large-scale nation-state attacks such as Hafnium<sup>1<\/sup>&nbsp;alongside major ransomware attacks<sup>2 <\/sup>on critical infrastructure. The breadth and boldness of these attacks show that, far from being deterred, bad actors are becoming more brazen and sophisticated. To help protect US national security, the White House on May 12, 2021, issued Presidential Executive Order (EO) 14028 on Improving the Nation\u2019s Cybersecurity<sup>3<\/sup>. This EO mandates \u201csignificant investments\u201d to help protect against malicious cyber threats:<\/p>\n<blockquote>\n<p>\u201cThe Federal Government must bring to bear the full scope of its authorities and resources to protect and secure its computer systems, whether they are cloud-based, on-premises, or hybrid\u2026security must include systems that process data (information technology (IT)) and those that run the vital machinery that ensures our safety (operational technology (OT)).\u201d<\/p>\n<\/blockquote>\n<p>Executive Order 14028 also states the \u201cprivate sector must adapt to the continuously changing threat environment, ensure its products are built and operate securely, and partner with the Federal Government to foster a more secure cyberspace.\u201d<\/p>\n<p>Section 3 of the EO required federal agencies to develop a plan to adopt a Zero Trust Architecture.&nbsp;This blog post will discuss how Microsoft is continuing to help with the implementation of <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/zero-trust\" target=\"_blank\" rel=\"noopener\">Zero Trust<\/a> to fulfill these directives.<\/p>\n<h2>How is Microsoft helping to implement EO 14028?<\/h2>\n<p>The <a href=\"https:\/\/www.nist.gov\/itl\/executive-order-improving-nations-cybersecurity\" target=\"_blank\" rel=\"noopener\">National Institute of Standards and Technology<\/a> (NIST) is one of the agencies chartered with creating the cybersecurity standards and requirements outlined in Executive Order 14028. Microsoft is working with NIST\u2019s <a href=\"https:\/\/www.nccoe.nist.gov\/\" target=\"_blank\" rel=\"noopener\">National Cybersecurity Center of Excellence<\/a> (NCCoE) on the <a href=\"https:\/\/www.nccoe.nist.gov\/projects\/building-blocks\/zero-trust-architecture\" target=\"_blank\" rel=\"noopener\">Implementing a Zero Trust Architecture Project<\/a> to develop practical, interoperable approaches to designing and building Zero Trust architectures that align with the tenets and principles documented in <a href=\"https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-207.pdf\" target=\"_blank\" rel=\"noopener\">NIST SP 800-207, Zero Trust Architecture<\/a>. The NCCoE public-private partnership applies standards and best practices to develop modular, easily adaptable examples of cybersecurity solutions by using commercially available technology.<\/p>\n<p>Much of the technology required to execute the roadmap is already in place at many agencies\u2014they simply need to activate and fine-tune existing capabilities. To this end, Microsoft has identified <a href=\"https:\/\/cloudblogs.microsoft.com\/industry-blog\/microsoft-in-business\/government\/2021\/06\/24\/mapping-the-cybersecurity-executive-order-milestones\/\" target=\"_blank\" rel=\"noopener\">five of the most impactful scenarios<\/a> agencies should build towards EO 14028. These reference architectures are mapped against key NIST requirements for Zero Trust while including other EO priorities, such as <a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/defender-endpoint\/overview-endpoint-detection-response?view=o365-worldwide\" target=\"_blank\" rel=\"noopener\">endpoint detection and response<\/a> (EDR), <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/identity-access-management\/mfa-multi-factor-authentication\" target=\"_blank\" rel=\"noopener\">multifactor authentication<\/a>, and continuous monitoring.<\/p>\n<ul>\n<li><strong>Scenario 1: Cloud-ready authentication apps:<\/strong> Many agencies are already on their way toward secure baselines for software as a service (SaaS) using best-practice approaches around ID configuration for <a href=\"https:\/\/www.microsoft.com\/en-us\/microsoft-365\" target=\"_blank\" rel=\"noopener\">Office 365<\/a>, implementing strong multifactor authentication, and enforcing requirements with <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/overview\" target=\"_blank\" rel=\"noopener\">Conditional Access<\/a> policies. This work can be easily extended to other SaaS applications and custom claims-based applications.<\/li>\n<li><strong>Scenario 2: Web apps with legacy authentication:<\/strong> For applications that can\u2019t be easily rewritten for modern authentication, agencies can use the <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/app-proxy\/application-proxy\" target=\"_blank\" rel=\"noopener\">Azure Active Directory (Azure AD) Application Proxy<\/a>. This architecture builds on the Azure AD foundation to extend Zero Trust to legacy systems. Application Proxy also provides outbound-only connectivity and much more restrictive access than a VPN solution.<\/li>\n<li><strong>Scenario 3: Remote server administration:<\/strong> Simplify secure remote administration by layering with a strongly authenticated administrator account and privileged-access workstation. This reduces the attack surface area, preventing unsanctioned server-to-server management by requiring multifactor authentication and allow-listed admin devices for server administration via <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/active-directory\/\" target=\"_blank\" rel=\"noopener\">Azure AD<\/a> Conditional Access. The result is a high level of assurance for multi-cloud and hybrid server administration.<\/li>\n<li><strong>Scenario 4: Segment cloud administration:<\/strong> This design pattern allows agencies to administer Microsoft and non-Microsoft workloads from isolated, dedicated, and segmented administrator accounts. Once this pattern is implemented, auditing controls should also be introduced to ensure that privilege segmentation remains in effect.<\/li>\n<li><strong>Scenario 5: Network micro-segmentation:<\/strong> Agencies must establish multiple levels of segmentation to achieve both secure control and data planes. Azure native capabilities allow agencies to apply a consistent micro-segmentation strategy to protect against threats, implement defense in-depth, and achieve policy-enforced continuous monitoring at a granular level.<\/li>\n<\/ul>\n<h2>What is Zero Trust\u2019s role in EO 10428?<\/h2>\n<p>Vasu Jakkal, Microsoft\u2019s Corporate Vice President of Security, Compliance, and Identity, recently outlined <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/06\/30\/the-critical-role-of-zero-trust-in-securing-our-world\/\" target=\"_blank\" rel=\"noopener\">The critical role of Zero Trust in securing our world<\/a>. In her blog post, she mentions Section 3 of EO 14028 calling for \u201cdecisive steps\u201d for the federal government \u201cto modernize its approach to cybersecurity\u201d by accelerating the move to secure cloud services and Zero Trust implementation\u2014including a mandate of multifactor authentication and end-to-end encryption of data.<\/p>\n<p><strong>Section 3(b)(ii) of EO 14028<\/strong> outlines that agencies should \u201cdevelop a plan to implement Zero Trust Architecture, which shall incorporate, as appropriate, the migration steps that the National Institute of Standards and Technology (NIST) within the Department of Commerce has outlined in standards and guidance, describe any such steps that have already been completed, identify activities that will have the most immediate security impact, and include a schedule to implement them.\u201d<\/p>\n<p>Microsoft applauds this recognition of the Zero Trust strategy as a cybersecurity best practice, as well as the White House encouragement of the private sector to take \u201cambitious measures\u201d in the same direction as the EO guidelines.<\/p>\n<h2>What can we expect from NCCoE?<\/h2>\n<blockquote>\n<p>\u201cThe telework tidal wave and increasing cybersecurity breaches and ransomware attacks have made implementing a Zero Trust architecture a federal mandate and a business imperative. We look forward to working with our project collaborators, such as Microsoft, to deliver timely, informed technical \u2018how-to\u2019 guidance and example implementations of Zero Trust architectures to assist federal agencies and other industry sectors with their Zero Trust journeys.\u201d\u2014Kevin Stine, Chief of the Applied Cybersecurity Division in the National Institute of Standards and Technology\u2019s Information Technology Laboratory (ITL)<\/p>\n<\/blockquote>\n<p>The proposed example solutions will integrate commercial and open-source products to showcase the robust security features of Zero Trust architecture when applied to common enterprise IT use cases.* The goal of this NCCoE project is to build several examples of a Zero Trust architecture\u2014applied to a conventional, general-purpose enterprise IT infrastructure\u2014that are designed and deployed using commercially available technology, and that are aligned with the concepts and tenets documented in NIST SP 800-207, Zero Trust Architecture.<\/p>\n<p>The example solutions will be shared publicly in a NIST Special Publication (SP) 1800 series document. Each SP 1800 series publication generally serves as a \u201chow-to\u201d guide to implement and apply standards-based cybersecurity technologies in the real world. The guides are designed to help organizations gain efficiencies in implementing cybersecurity technologies while saving them research and proof-of-concept costs.<\/p>\n<h3>This SP 1800 series of publications will provide:<\/h3>\n<ul>\n<li>Detailed example solutions and capabilities.<\/li>\n<li>Demonstrated how-to approaches using multiple products to achieve the same end result.<\/li>\n<li>Modular guidance on the implementation of capabilities to organizations of all sizes<\/li>\n<li>All necessary components, along with installation, configuration, and integration information, so organizations can easily replicate solutions.<\/li>\n<\/ul>\n<h2>Additional resources<\/h2>\n<p>As part of our continuing support for federal agencies, Microsoft\u2019s Chief Technology Officer, Jason Payne, has outlined <a href=\"https:\/\/cloudblogs.microsoft.com\/industry-blog\/microsoft-in-business\/government\/2021\/06\/17\/the-cybersecurity-executive-order-whats-next-for-federal-agencies\/\" target=\"_blank\" rel=\"noopener\">recommended next steps for federal agencies<\/a>. We also provide a downloadable PDF of key <a href=\"https:\/\/aka.ms\/FederalZeroTrustScenarios\" target=\"_blank\" rel=\"noopener\">Zero Trust Scenario Architectures<\/a> mapped to NIST standards, as well as a downloadable PDF <a href=\"https:\/\/aka.ms\/FederalZeroTrustPlan\" target=\"_blank\" rel=\"noopener\">Zero Trust Rapid Modernization Plan<\/a>. These resources provide concrete steps to help agencies meet aggressive EO timelines, as well as improve their baseline cybersecurity posture. For a quick overview of the NCCoE Zero Trust architecture project, organizations can download the <a href=\"https:\/\/www.nccoe.nist.gov\/sites\/default\/files\/library\/fact-sheets\/zt-arch-fact-sheet.pdf\" target=\"_blank\" rel=\"noopener\">Implementing a Zero Trust Architecture Project Factsheet<\/a>.<\/p>\n<p>Other Microsoft resources include:<\/p>\n<ul>\n<li>Downloadable <a href=\"https:\/\/aka.ms\/Zero-Trust-Vision\" target=\"_blank\" rel=\"noopener\">Zero Trust Maturity Model<\/a>: details how Microsoft defines Zero Trust and breaks down solutions across identities, endpoints, applications, networks, infrastructure, and data.<\/li>\n<li><a href=\"https:\/\/info.microsoft.com\/ww-landing-Zero-Trust-Assessment.html\" target=\"_blank\" rel=\"noopener\">Zero Trust Assessment tool<\/a>: helps evaluate your organization\u2019s progress in the Zero Trust journey and offers suggestions for next steps.<\/li>\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/security\/zero-trust\/\" target=\"_blank\" rel=\"noopener\">Zero Trust Guidance Center<\/a>: offers step-by-step guidance on implementing Zero Trust principles, as well as technical guidance on deployment, integration, and development.<\/li>\n<\/ul>\n<p>Watch for ongoing updates from Microsoft on EO 14028. Follow <a href=\"https:\/\/twitter.com\/NIST\" target=\"_blank\" rel=\"noopener\">@NIST<\/a> and <a href=\"https:\/\/twitter.com\/NISTcyber\" target=\"_blank\" rel=\"noopener\">@NISTCyber<\/a> on Twitter and <a href=\"https:\/\/www.linkedin.com\/company\/nist\/\" target=\"_blank\" rel=\"noopener\">LinkedIn<\/a>.<\/p>\n<p>To learn more about Microsoft Security solutions,&nbsp;<a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/solutions\" target=\"_blank\" rel=\"noopener\">visit our&nbsp;website<\/a>.&nbsp;Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/blog\/\" target=\"_blank\" rel=\"noopener\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. Also, follow us at&nbsp;<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noopener\">@MSFTSecurity<\/a>&nbsp;for the latest news and updates on cybersecurity.<\/p>\n<hr>\n<p><sup>1<\/sup><a href=\"https:\/\/blogs.microsoft.com\/on-the-issues\/2021\/03\/02\/new-nation-state-cyberattacks\/\" target=\"_blank\" rel=\"noopener\">New nation-state cyberattacks<\/a>, Tom Burt, Microsoft Security, 2 March 2021.<\/p>\n<p><sup>2<\/sup><a href=\"https:\/\/www.forbes.com\/sites\/forbestechcouncil\/2021\/07\/20\/turning-up-the-heat-a-ransomware-attack-on-critical-infrastructure-is-a-nightmare-scenario\/?sh=168847fb1da0\" target=\"_blank\" rel=\"noopener\">Turning Up The Heat: A Ransomware Attack on Critical Infrastructure Is a Nightmare Scenario<\/a>, Richard Tracy, Forbes Technology Council, Forbes, 20 July 2021.<\/p>\n<p><sup>3<\/sup><a class=\"x-hidden-focus\" href=\"https:\/\/www.whitehouse.gov\/briefing-room\/statements-releases\/2021\/05\/12\/fact-sheet-president-signs-executive-order-charting-new-course-to-improve-the-nations-cybersecurity-and-protect-federal-government-networks\/\" target=\"_blank\" rel=\"noopener\">President Signs Executive Order Charting New Course to Improve the Nation\u2019s Cybersecurity and Protect Federal Government Networks<\/a>, The White House, 12 May 2021.<\/p>\n<p>*NIST does not evaluate commercial products under this consortium and does not endorse any product or service used. Additional information on this consortium <a href=\"https:\/\/www.nccoe.nist.gov\/zerotrust\" target=\"_blank\" rel=\"noopener\">can be found here<\/a>.<\/p>\n<p> READ MORE <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/08\/17\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Learn how Microsoft is helping federal agencies to implement standards-based cybersecurity technologies such as NIST and Zero Trust in the real world.<br \/>\nThe post Microsoft and NIST collaborate on EO to drive Zero Trust adoption appeared first on Microsoft Security Blog. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":42371,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[347,3677],"class_list":["post-42370","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-secure","tag-cybersecurity","tag-zero-trust"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft and NIST collaborate on EO to drive Zero Trust adoption 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft and NIST collaborate on EO to drive Zero Trust adoption 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-08-17T16:00:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"800\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Microsoft and NIST collaborate on EO to drive Zero Trust adoption\",\"datePublished\":\"2021-08-17T16:00:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\\\/\"},\"wordCount\":1420,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption.jpg\",\"keywords\":[\"Cybersecurity\",\"Zero Trust\"],\"articleSection\":[\"Microsoft Secure\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\\\/\",\"name\":\"Microsoft and NIST collaborate on EO to drive Zero Trust adoption 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption.jpg\",\"datePublished\":\"2021-08-17T16:00:36+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption.jpg\",\"width\":1200,\"height\":800},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/cybersecurity\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Microsoft and NIST collaborate on EO to drive Zero Trust adoption\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft and NIST collaborate on EO to drive Zero Trust adoption 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft and NIST collaborate on EO to drive Zero Trust adoption 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-08-17T16:00:36+00:00","og_image":[{"width":1200,"height":800,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Microsoft and NIST collaborate on EO to drive Zero Trust adoption","datePublished":"2021-08-17T16:00:36+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/"},"wordCount":1420,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption.jpg","keywords":["Cybersecurity","Zero Trust"],"articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/","url":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/","name":"Microsoft and NIST collaborate on EO to drive Zero Trust adoption 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption.jpg","datePublished":"2021-08-17T16:00:36+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/08\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption.jpg","width":1200,"height":800},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-and-nist-collaborate-on-eo-to-drive-zero-trust-adoption\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity","item":"https:\/\/www.threatshub.org\/blog\/tag\/cybersecurity\/"},{"@type":"ListItem","position":3,"name":"Microsoft and NIST collaborate on EO to drive Zero Trust adoption"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/42370","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=42370"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/42370\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/42371"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=42370"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=42370"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=42370"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}