Cyberspace 2025 Student Essay Contest

Posted by: Kevin Sullivan, Principal Security Strategist, Trustworthy Computing When Sam Coxwell submitted his entry to last year’s Microsoft cybersecurity essay contest, he was focused on one thing, winning.  His entry “Cybercrime: Why does it pay, and what can we do about it?” centered on the future of cybersecurity policy research.  It was one of 48 entries we received from students around the world researching the complexities that impact cybersecurity … Read more »

Risk Meets Reward: Windows Phone 8.1 Security Overview

Flying cars, intergalactic travel, and transporters are not the commonplace items in 2014 that were envisioned for the future throughout the twentieth century. Still, when considering the shoe phone from the television series “Get Smart” through to the fairly limited functionality of the Star Trek communicator, mobile phones might be the single best example of technology that has lived up to our science fiction dreams. Not only can we make … Read more »

Industry Vulnerability Disclosures Trending Up

0825_Untitled

A vulnerability disclosure, as the term is used in the Microsoft Security Intelligence Report, is the revelation of a software vulnerability to the public at large. Disclosures can come from a variety of sources, including publishers of the affected software, security software vendors, independent security researchers, and even malware creators. The vulnerability disclosure data in the Security Intelligence Report is compiled from vulnerability disclosure data that is published in the … Read more »

Topics from Cybersecurity Bootcamp #1 – Cyber Hygiene

bootcamp_sign_57EC5C91

This past week I was privileged to attend Stanford’s inaugural cybersecurity boot camp, where two dozen congressional staffers joined academic and industry experts to discuss ways to protect he government, the public and industry from cyber threats. For me, it was encouraging to see congressional staff members deeply engaged in security and threat discussions on a range of cybersecurity topics and it was a good reminder of how broad a … Read more »

Major Rights Management Update to Office and Azure

3542_2_png-550x0

For many of the CISOs I talk to regularly, data leakage prevention continues to be a topic of high interest. Whether using either a cloud service or an on premise solution there are a number of reasons that it is important to protect the workplace documents you share with others. To date, data protection technologies have become increasingly more complex in order to support the number of devices and platforms … Read more »

What will cybersecurity look like in 2025?, Part 3: How Microsoft is shaping the future of cybersecurity

Cybersecurity 2025 part 1

Today’s post concludes our three-part series on Cyberspace 2025: Today’s Decisions, Tomorrow’s Terrain which presented three views of the world and cyberspace in 2025—Plateau, Peak, and Canyon. PEAK – the Peak scenario represents a world of innovation, where information and communications technology (ICT) fulfills its potential to strengthen governance models, economies and societies PLATEAU –  the Plateau scenario is a “status quo” world, in which political, economic and societal forces … Read more »

What will cybersecurity look like in 2025?, Part 2: Microsoft envisions an optimistic future

Cybersecurity 2025 part 1

The future of cybersecurity will be influenced by more than just technical factors like the spread of malware, or even targeted cyber-attacks.  Global responses to social issues such as population growth, educational investments, or even trade liberalization will also play a significant role.  Continuing our series examining what cybersecurity will look like in the year 2025, let’s look at how the technology and social policy decisions addressing important issues, will … Read more »

IE increases protections, implements “out-of-date ActiveX control blocking”

Last week, Internet Explorer announced important changes it will be making to better protect customers from cybercriminal attacks.  Beginning on September 9, Internet Explorer will block out-of-date ActiveX controls, such as older versions of the Oracle Java Runtime Environment (JRE) as part of the August 2014 release of MS14-051 Cumulative Security Update for Internet Explorer (2976627).  ActiveX controls are small programs, sometimes called add-ons that are used by web sites … Read more »

What will cybersecurity look like in 2025?, Part 1: The catalysts that will shape the future

Cybersecurity 2025 part 1

Cybersecurity challenges are emerging not just from the commonly recognized sources – criminals, malware, or even targeted cyber-attacks – they can grow from public policies as well.  A research report we released last month, Cyberspace 2025: Today’s Decisions, Tomorrow’s Terrain, seeks to look over the horizon and beyond technical trends to anticipate future catalysts for change as well as equip policy makers for tomorrow’s digital landscape. Read more

Get advance notice about August 2014 security updates

DesignForFail4

Today, the Microsoft Security Response Center (MSRC) posted details about the August security updates. If you have automatic updating turned on, most of these updates will download and install on their own. Sometimes you may need to provide input for Windows Update during an installation. In this case, you’ll see an alert in the notification area at the far right of the taskbar—be sure to click it. In Windows 8, Windows will … Read more »