Microsoft Security Intelligence Report Volume 22 is now available

The latest volume of the Microsoft Security Intelligence Report is now available for free download at www.microsoft.com/sir. This new volume of the report includes threat data from the first quarter of 2017. The report also provides specific threat data for over 100 countries/regions. As mentioned in a recent blog, using the tremendous breadth and depth of signal and intelligence from our various cloud and on-premises solutions deployed globally, we investigate … Read more »

The world of eroding privacy: tips on how to stay secure

At the intersection of limes, teenagers, and privacy This post is authored by Ann Johnson, Vice President, Enterprise Cybersecurity Group. We will come to limes later in this blog, and they are relevant. But let me begin with one defining statement: I am the parent of a teenager, and the year is 2017. As the parent of an age group that is best described as unpredictable on good days, one … Read more »

Top 5 best practices to automate security operations

This post is authored by Jonathan Trull, Worldwide Executive Cybersecurity Advisor, Enterprise Cybersecurity Group. And by Vidhi Agarwal, Senior Security Program Manager, Microsoft Security Response Center (MSRC).  Within the information security community, one of the emerging areas of focus and investment is the concept of security automation and orchestration. Although the topic is not necessarily new, it has taken on increased importance due to several industry trends. Before diving into the … Read more »

5 Reasons why Microsoft should be your cybersecurity ally

When you think about cybersecurity, does Microsoft come to mind? Probably not. Here are 5 reasons why enterprises should consider partnering with Microsoft on cybersecurity: 1. Strong Commitment to Cybersecurity Significant security investments. Microsoft invests over $1 billion annually on security. Microsoft has invested significantly towards building security into our core technologies like Windows, Office, and Azure, and in making strategic acquisitions of security technologies that enhance the investments customers … Read more »

TLS 1.2 Support added to Windows Server 2008

This post is authored by Arden White, Senior Program Manager, Windows Servicing and Delivery. As a follow-up to our announcement regarding TLS 1.2 support at Microsoft we are announcing that support for TLS1.1/TLS 1.2 on Windows Server 2008 is now available for download as of July 18th, 2017. We’re offering this support in recognition that our customers have a strong demand for support for these newer protocols in their environment … Read more »

A commitment to security and transparency at Microsoft Inspire 2017

Microsoft Inspire (formerly Worldwide Partner Conference) gathered 16,000 attendees from around the world last week in Washington DC. At the event, Microsoft reaffirmed its commitment to its partners and its mission to “empower people to be more productive”. To kick off an exciting week, CEO Satya Nadella made five major announcements during the first vision keynote, including the introduction of Microsoft 365. Commitment to security and transparency During the vision … Read more »

Holistic security strategy: how greater integration improves detection and response time

Today’s attackers have moved beyond “smash and grab” tactics to more sophisticated methods intended to maintain a long-term presence. These evolving threats complicate detection efforts as many organizations have variety of point solutions that make it difficult to effectively detect advanced threats and attack campaigns. Piecemeal approaches create challenges and might hamper security. Each new solution deploys unique vendor-specific dashboards, consoles, and logs that don’t always integrate well. Because of … Read more »

Latin America is stepping up to the plate in cybersecurity policy

A year ago Inter-American Development Bank (IDB) and the Organization of American States (OAS) asked themselves a question about cybersecurity: “Are We Ready in Latin America and the Caribbean?”. The conclusion of their 200 page report was essentially “No”, raising an alarm about Latin America’s critical situation in the cybersecurity arena. The report showed that Latin America was extremely vulnerable to potentially devastating cyber-attacks. Four in five states did not … Read more »

Security Data Scientists Without Borders – Thoughts from our first Colloquium

The move to the cloud is changing the security landscape. As a result, there is a surging interest in applying data-driven methods to security. In fact, there is a growing community of talented people focused on security data science. We’ve been shedding our respective “badges” and meeting informally for years, but recently decided to see how much progress we might make against some of our bigger challenges with a more … Read more »

What are Confidence building measures (CBMs) and how can they improve cybersecurity?

Cyberspace security is too often viewed through a prism of technological terms and concepts. In my experience, even supposedly non-technical discussions of cyberspace quickly devolve into heated debates about “vulnerability coordination”, “the latest malware”, “the best analytical tools”, “threat information sharing”, and so on. While these are interesting and important topics, it is ultimately people and their personal perspectives – not technology – that largely shape governments’ political, diplomatic and … Read more »