Disrupting the kill chain

This post is authored by Jonathan Trull, Worldwide Executive Cybersecurity Advisor, Enterprise Cybersecurity Group. The cyber kill chain describes the typical workflow, including techniques, tactics, and procedures or TTPs, used by attackers to infiltrate an organization’s networks and systems.  The Microsoft Global Incident Response and Recovery (GIRR) Team and Enterprise Threat Detection Service, Microsoft’s managed cyber threat detection service, identify and respond to thousands of targeted attacks per year.  Based … Read more »

Securing the new BYOD frontline: Mobile apps and data

With personal smartphones, tablets, and laptops becoming ubiquitous in the workplace, bring your own device (BYOD) strategies and security measures have evolved. The frontlines have shifted from the devices themselves to the apps and data residing on—or accessed through—them. Mobile devices and cloud-based apps have undeniably transformed the way businesses operate. But they also introduce new security and compliance risks that must be understood and mitigated. When personal and corporate … Read more »

Managing cloud security: Four key questions to evaluate your security position

As cloud computing and the Internet of Things (IoT) continue to transform the global economy, businesses recognize that securing enterprise data must be viewed as an ongoing process. Securing the ever-expanding volume, variety, and sources of data is not easy; however, with an adaptive mindset, you can achieve persistent and effective cloud security. The first step is knowing the key risk areas in cloud computing and IoT processes and assessing … Read more »

Introducing the Microsoft Secure blog

For the past ten years on this blog we have shared Microsoft’s point of view on security, privacy, reliability, and trust. It has become the place to go for in-depth articles on Microsoft products and services, as well as tips and recommendations for improving security in your organization. Last November, Microsoft CEO Satya Nadella outlined our new approach to cybersecurity — one that leverages Microsoft’s unique perspective on threat intelligence, … Read more »

New Microsoft Azure Security Capabilities Now Available

In November, Microsoft CEO Satya Nadella outlined a new comprehensive, cross company approach to security for our mobile-first, cloud-first world. To support this approach, Microsoft invests more than a billion dollars in security research and development, every year. Today we are announcing the general availability of key security capabilities in the Microsoft Cloud, which are products of this research and development investment: Azure Security Center, Azure Active Directory Identity Protection, … Read more »

Connecting the dots to get ahead of your next security challenge

It is turbulent times we live in. The same technology that provides unprecedented global connections and productivity also provides hackers unprecedented surface area to commit headline-earning crimes. That’s why Microsoft is investing over $1 billion annually in security capabilities and connecting dots across the critical endpoints of today’s cloud and mobile world to help you keep up with security challenges. Join Ann Johnson and myself as we talk about the … Read more »

Dream Team for Moving to the Cloud

The U.S. men’s basketball team suffering defeat, placing third even, at the 1988 Summer Olympics, in which the U.S. should unquestionably have dominated, renewed calls to use professional athletes in the games. The following year it was agreed, and U.S. basketball asked the NBA to supply players for the upcoming 1992 games in Barcelona. The Dream Team was assembled. What followed was a phenomenon like no one had anticipated. Of … Read more »

Microsoft publishes guide for secure and efficient integration of cloud services into government operations

Estimates show that the global cloud computing market grew by 28 percent last year. Cloud is becoming an established technology for conducting and enabling business. Likewise, around the world, public sector cloud adoption is on the rise. The IDC predicts that public sector spending on cloud services will grow to $128 billion by 2018, more than doubling the amount spent in 2014. Governments are no longer determining if they’ll move … Read more »

Hacking Team Breach: A Cyber Jurassic Park

Paleontology is the scientific study of the life of long-extinct animals. Paleontologists hypothesize about the behavior of the different species of dinosaurs, sometimes based on a few collected fossils and bones. We can only imagine how much more they were able to learn if they had a chance to observe some living herds of dinosaurs. Incident Response (IR) is the cyber equivalent of paleontology. In most cases, IR experts are … Read more »

Estonia leading the way in driving digital continuity for government services

We are at the threshold of unprecedented value creation for industry and society, driven by the accelerating pace of change enabled through digital technology. Whether it is about bringing together patient records so they can be shared quickly for better patient outcomes, or reimagining connectivity and predictive maintenance for cars to meet the expectations of road safety, digital transformation is changing how we work and live. Called the Fourth Industrial … Read more »