Satya Nadella Vouches For Zero-Trust Security Approach

Microsoft Chairman and CEO Satya Nadella on Thursday said that zero-trust approach would be important in cybersecurity as digital technology becomes more pervasive.

Speaking at the Microsoft Future Ready Technology Summit in Bengaluru, Nadella said all of the technology community including developers will have to do their best to overcome the threats posed by cybercrimes as digital technology becomes ubiquitous with time.

He said that approximately USD 6 trillion was lost in 2021 due to cybercrimes and the number is projected to go past USD 10 trillion by 2025.

According to Check Point Research, global attacks increased by 28 per cent in the third quarter of 2022 compared to same period in 2021. The average weekly attacks per organisation worldwide reached over 1,130.

Nadella said the approach to take in the current scenario would be ‘zero-trust’.

Zero-trust approach perceives every endpoint to be threatened and monitors all of incoming and outgoing network traffic, assuming that there is a data breach. In layman’s terms, zero-trust approach trusts no one within an organisation’s network, whether external or internal, to prevent lateral propagation in a network.

Okta’s 2022 annual report zero-trust framework says that more than half of the organisations surveyed (55 per cent) have a zero-trust initiative in place and the vast majority (97 per cent) plan to have one in the coming 12 to 18 months.

“I always say to all our security teams, there should only be one victim of anything new [cybertheat]. That's the goal,” Nadella said.

He also emphasised that organisations need to build an end-to-end architecture, which does not consist of multiple data planes, multiple management planes, or multiple control planes. Nadella said that organisations need to have set policies and security posture that addresses the whole breadth from identity to device protection or endpoint protection to even application protection and the infrastructure used by applications. This allows an organisation to view all the data signals.

“Then, you can do all of the sophisticated machine learning on top of it to be able to then take that proactive step to protect,” he opined.

Microsoft works with many leading entities in India on the security front, including Axis Bank, Tata Digital, Indigo, Godrej, Flipkart and more.

Nadella also urged the developer community to respond to newer threats in a more “energised way” during his address in Bengaluru.