Zero Trust access control has a lot to do to manage a risk each access request has. Thus, it has to be dynamic. Example: Bob has access to confidential sales information whilst he is in the office. Access to the same resources from China is denied unless he uses MFA and uses a company controlled device.
So, Zero Trust has a lot to do with implementing the risk appetite of your company! Even if there is a ransomware outbreak in a country, you could dynamically adjust the access requirements and access results.
Is that something you see also as a benefit for your company?
Identity Defined Security Alliance
Putting Identity at the Center of Security