As network attacks aimed at specific targets grow more prevalent, protecting network and information security has become an urgent concern. The Zero Trust Architecture (ZTA) was proposed in this context, and many enterprises, organizations and government agencies have begun to re-examine whether protection centered on separating internal from external networks is still appropriate. This article starts from the foundations of ZTA: it first introduces the concept and operating mechanism of zero trust so that readers can understand how removing the network perimeter differs from the traditional network architecture in various respects, and then, from a technical angle, describes the components of the ZTA framework and the design of its decision logic, including the verification of identities and devices and the related mechanisms, to build a more complete understanding of the concept. Second, by observing and tracking the policy initiatives of major countries, the article shows that ZTA is widely recognized as a potentially effective response to cyber security threats, and also identifies the stage of promotion or investment each country has reached and the measures it has taken, as a reference for Taiwan. Third, taking the Cyber Security Management Act, the regulation most directly related to information security in Taiwan, as one axis and the stages of introducing ZTA as the other, the article surveys and analyzes whether an agency that has already implemented all required items and control measures under current law would have sufficient controls in place to adopt ZTA, or whether further strengthening is needed; that is, it examines the interaction between ZTA and Taiwan's cyber security regulations. Finally, the article offers legal and policy recommendations for government agencies in Taiwan promoting ZTA.