Confidence building measures can make a huge difference to the global online economy

The continuing advancements of the Internet and associated technologies have brought new opportunities to governments, businesses, and private citizens. At the same time, they have also exposed them to new risks. However, Internet adoption has not been even and countries or economies have come online in different ways and at varied paces. As a result, awareness of cyber risk and approaches to managing it can differ greatly between jurisdictions. This is a … Read more »

Microsoft’s Cyber Defense Operations Center shares best practices

This post is authored by Kristina Laidler, Security Principal, Cyber Security Services and Engineering Each week seems to bring a new disclosure of a cybersecurity breach somewhere in the world. In 2016 alone, over 3 billion customer data records were breached in several high-profile attacks globally. As we look at current state of cybersecurity challenges today, we see the same types of attacks, but the sophistication and scope of each … Read more »

Rules-making in technology: Examining the past and predicting the future

Are the rules and regulations being put in place today, from the Chinese cybersecurity law to the EU’s General Data Protection Regulation (GDPR), going to be appropriate for the world 10 years from now? And if not, should this be of concern?  To answer these questions, we need to learn from the past. The technology concerns of 10 years ago are still with us in some ways, e.g. worries about … Read more »

Cybersecurity’s perfect storm

The unprecedented scale and sophistication of modern cyberthreats, combined with the rapidly disappearing IT perimeter, means that while preventing an attack from becoming a breach is ideal, it is no longer realistic. Microsoft proactively monitors the threat landscape for those emerging threats, to help better protect our customers. This involves observing the activities of targeted activity groups across billion of machines, which are often the first ones to introduce new … Read more »

Should we retaliate in cyberspace?

This post is authored by Gene Burrus, Assistant General Counsel The hack of the San Francisco transit system and the subsequent hack back by a third party makes for a twenty-first century morality tale in some ways. The perpetrator of a ransomware blackmail is given a dose of his/her own medicine, undone by his/her own poor security practices. Painted at a larger scale however, is the picture we see equally … Read more »

Microsoft Enterprise Threat Detection

This post is authored by Joe Faulhaber, Senior Consultant ECG Overview The Microsoft Enterprise Cybersecurity Group (ECG) consists of three pillars: Protect, Detect, and Respond. Protection in depth is always the best defense, and being able to respond to incidents and recover is key to business continuity. Solid protection and rapid response capability are tied together by detection and intelligence, and the Enterprise Threat Detection (ETD) service enables detection in … Read more »

Azure Backup protects against ransomware

According to the most recent CRN Quarterly Ransomware Report, malicious infrastructure attacks increased 3500% in 2016 and the percentage is expected to increase in 2017. One important way that organizations can help protect against losses in a ransomware attack is to have a backup of business critical information in case other defenses fail. Since ransomware attackers have invested heavily into neutralizing backup applications and operating system features like volume shadow … Read more »

Microsoft Security Intelligence Report Volume 21 is now available

The latest volume of the Microsoft Security Intelligence Report is now available for free download at www.microsoft.com/sir. This new volume of the report includes threat data from the first half of 2016 as well as longer term trend data on industry vulnerabilities, exploits, malware, and malicious websites. The report also provides specific threat data for over 100 countries/regions. Our Featured Intelligence content for this volume of the report includes three … Read more »

Cybersecurity norms challenge remains

Despite the differences that exist between governments, there is a growing recognition around the world that attacks on the security and stability of the Internet threaten all nations’ interests. The reality driving this alignment is that both emerging and developed economies are internet-dependent and, equally significantly, that malicious actors can use ubiquitous technologies to attack critical systems and infrastructure. While cybercrime by non-state actors must be dealt with, it is … Read more »

How much time do you spend on false security alerts?

The latest data on global threats—from malicious websites and untrusted IPs to malware and beyond—can help a company detect threats and rapidly respond. The challenge is that threat intelligence feeds are, at best, uneven in quality. Close to 70 percent of information security professionals say current threat feeds have a significant issue with timeliness, and only 31 percent rated their threat intelligence as very accurate. This lack of accuracy means … Read more »