Protecting Identities in the Cloud: Mitigating Password Attacks

We just released a new volume of the Microsoft Security Intelligence Report. Included in the report, for the first time, is security data from the Microsoft cloud that reveals how we are leveraging an intelligent security graph to inform how we protect endpoints, better detect attacks and accelerate our response, to help protect our customers. In November we outlined Microsoft’s new approach to how we Protect, Detect and Respond to … Read more »

Global cybersecurity policy: Finding a balance between security and competitiveness

Over the past decade, billions around the world have benefited from the exponential growth of the online environment and associated economic opportunities. However, this pervasive use of computing has also given rise to the more nefarious elements of the criminal underworld. As a result, cybersecurity is now a major concern for organizations and the global cybersecurity market is forecast to be worth US$170 billion by 2020, growing in step with … Read more »

What will cybersecurity look like in the next decade?

Earlier this year the New America Foundation organized its annual “Cybersecurity for a new America” Summit. This year’s focus was on shaping the cybersecurity of the future. Speakers tackled the evolution of cyberspace and the implications for cybersecurity. They explored and examined questions such as How will we secure growing networks of cars, health devices and other “things”? What can we do to ensure that our cyber workforce is more … Read more »

A call to raise awareness and adoption of vulnerability disclosure and handling best practices

Over the past few years, technology companies have increasingly moved toward partnering with security researchers to better protect their products, services, and customers. Recognizing that vulnerability research is a valuable part of securing the online environment, they have matured programs to work together with researchers in receiving, triaging, and responding to reports. Microsoft’s focus on coordinating with researchers has developed over time. As we launched our first BlueHat Briefing in … Read more »

Ransomware: Understanding the Risk

Ransomware is a type of malware that holds computers or files for ransom by encrypting files or locking the desktop or browser on systems that are infected with it, then demanding a ransom in order to regain access. Criminals have used high pressure techniques to get victims to pay the ransom, such as: Make encrypted data unrecoverable after a certain period of time Threaten to post captured (potentially sensitive) data … Read more »

Microsoft Trust Center adds new cloud services and certifications

The Microsoft Trust Center is expanding, and today we’re adding more of our enterprise cloud services—Microsoft Commercial Support, Microsoft Dynamics AX, and Microsoft Power BI. These services join Microsoft Azure, Microsoft Dynamics CRM Online, Microsoft Intune, and Microsoft Office 365 into the Trust Center. Additionally, we are adding two new compliance attestations, ENS in Spain and FACT in the UK. These two new certifications, added to those announced in March—CS … Read more »

Microsoft Trusted Cloud Security Summit

Earlier this month, Microsoft hosted its third Trusted Cloud Security Summit in Washington DC. The event brought together a wide range of security stakeholders from the different Microsoft cloud offerings and over a 100 federal department and agency participants, particularly those looking to adapt the FedRAMP High baseline, such as the Department of Homeland Security, Federal Bureau of Investigations, Department of Justice, State Department, the Treasury and the Food and … Read more »

What’s The Art of War got to do with cybercrime? Quite a bit, actually.

Sun Tzu wrote that mastery in the art of war is about subduing one’s enemy without having to fight. As the modern world contends with increasingly sophisticated cyberattacks from both criminal and political adversaries, this 2500-year-old cliché is key to enterprise security strategy. Today, the “bad guys” of the Internet are both professional in their business tactics and entrepreneurial in how they leverage opportunity. They’re well-organized and use a mature … Read more »

Microsoft Cloud App Security is generally available

Today, we are announcing that Microsoft Cloud App Security is now generally available as the latest addition to the secure platform we are building at Microsoft. Cloud App Security, based on our Adallom acquisition, is a comprehensive cloud-delivered service built for IT and security teams to help combat one of the top security concerns today: “How can we gain deeper visibility, stronger controls and enhanced protection for cloud apps?” The … Read more »

IoT webinar covers security tips for expanding interconnections

Cloud computing. Big data. The Internet of Things (IoT). Today, the continuous connection of smart products is unmatched at improving customer connections and providing opportunities for businesses to differentiate their products and services. You can listen to social buzz, see how people are using products and services in real time, and enhance your customers’ experiences with rolling feature updates. At the same time, the always-on interconnectedness opens up attractive attack … Read more »