Microsoft Enterprise Threat Detection

This post is authored by Joe Faulhaber, Senior Consultant ECG Overview The Microsoft Enterprise Cybersecurity Group (ECG) consists of three pillars: Protect, Detect, and Respond. Protection in depth is always the best defense, and being able to respond to incidents and recover is key to business continuity. Solid protection and rapid response capability are tied together by detection and intelligence, and the Enterprise Threat Detection (ETD) service enables detection in … Read more »

Azure Backup protects against ransomware

According to the most recent CRN Quarterly Ransomware Report, malicious infrastructure attacks increased 3500% in 2016 and the percentage is expected to increase in 2017. One important way that organizations can help protect against losses in a ransomware attack is to have a backup of business critical information in case other defenses fail. Since ransomware attackers have invested heavily in neutralizing backup applications and operating system features like volume shadow … Read more »

Microsoft Security Intelligence Report Volume 21 is now available

The latest volume of the Microsoft Security Intelligence Report is now available for free download at www.microsoft.com/sir. This new volume of the report includes threat data from the first half of 2016 as well as longer term trend data on industry vulnerabilities, exploits, malware, and malicious websites. The report also provides specific threat data for over 100 countries/regions. Our Featured Intelligence content for this volume of the report includes three … Read more »

Cybersecurity norms challenge remains

Despite the differences that exist between governments, there is a growing recognition around the world that attacks on the security and stability of the Internet threaten all nations’ interests. The reality driving this alignment is that both emerging and developed economies are internet-dependent and, equally significantly, that malicious actors can use ubiquitous technologies to attack critical systems and infrastructure. While cybercrime by non-state actors must be dealt with, it is … Read more »

How much time do you spend on false security alerts?

The latest data on global threats—from malicious websites and untrusted IPs to malware and beyond—can help a company detect threats and rapidly respond. The challenge is that threat intelligence feeds are, at best, uneven in quality. Close to 70 percent of information security professionals say current threat feeds have a significant issue with timeliness, and only 31 percent rated their threat intelligence as very accurate. This lack of accuracy means … Read more »

Security in agile development

This post is authored by Talhah Mir, Principal PM Manager, WWIT CP ISRM ACE. Most enterprises’ security strategies today are multifaceted – encompassing securing a variety of elements of their IT environment including identities, applications, data, devices, and infrastructure. This also includes driving or supporting security training and changes in culture and behavior for a more secure enterprise. But security really starts at the fundamental core, at the software development level. … Read more »

Disrupting the kill chain

This post is authored by Jonathan Trull, Worldwide Executive Cybersecurity Advisor, Enterprise Cybersecurity Group. The cyber kill chain describes the typical workflow, including techniques, tactics, and procedures or TTPs, used by attackers to infiltrate an organization’s networks and systems. The Microsoft Global Incident Response and Recovery (GIRR) Team and Enterprise Threat Detection Service, Microsoft’s managed cyber threat detection service, identify and respond to thousands of targeted attacks per year. Based … Read more »

The four necessities of modern IT security

As companies embrace the cloud and mobile computing to connect with their customers and optimize their operations, they take on new risks. Traditional IT boundaries have disappeared, and adversaries have many new attack vectors. Even with a bevy of security tools already deployed, IT teams are having to process a lot of data and signal that makes it hard to find and prioritize relevant threats. Solutions often compromise end-user productivity … Read more »

The Budapest Convention on Cybercrime – 15th Anniversary

This post was authored by Gene Burrus, Assistant General Counsel. November 2016 marks the 15th anniversary of the Convention on Cybercrime of the Council of Europe, commonly referred to as the Budapest Convention. The treaty is the preeminent binding international instrument in the area of cybercrime. It serves as a guideline for countries developing national legislation and provides a framework for international cooperation between countries’ law enforcement agencies, so critical … Read more »

Securing the new BYOD frontline: Mobile apps and data

With personal smartphones, tablets, and laptops becoming ubiquitous in the workplace, bring your own device (BYOD) strategies and security measures have evolved. The frontlines have shifted from the devices themselves to the apps and data residing on—or accessed through—them. Mobile devices and cloud-based apps have undeniably transformed the way businesses operate. But they also introduce new security and compliance risks that must be understood and mitigated. When personal and corporate … Read more »