How to create an effective cyber hygiene program

This post is authored by Ann Johnson, Vice-President, Enterprise Cybersecurity Group. As noted in the 2016 Verizon Data Breach Incident Report, 63% of confirmed breaches involved leveraging weak, default or stolen passwords, 30% of phishing messages were opened in 2015, and 12% of targets clicked on the malicious attachment or link. Given this, organizations of all types can make significant gains in their security posture by educating their user base on … Read more »

Sharing Microsoft learnings from major cybersecurity incidents

This post is authored by Mark Simos, Director of Business Development and Strategy, Enterprise Cybersecurity Group Microsoft has assisted customers with investigation of, and recovery from cybersecurity attacks for well over a decade. This effort began informally when our IT department and product groups came to the aid of customers encountering attacks in their environment. Since those early days, the volume and complexity of incidents has required Microsoft to scale … Read more »

Upgraded Microsoft Trust Center adds rich new content

This post is authored by David Burt, Senior Product Manager, Cloud Platform Marketing A little over a year ago, we launched the Microsoft Trust Center at www.microsoft.com/trustcenter, which unified trust-related resources across our enterprise cloud services.  This week, we launched a completely redesigned and greatly expanded site with new content including EU General Data Protection Regulation (GDPR) guidance, audit reports, and security assessments. The Trust Center is an important part … Read more »

Detecting cyber threats

This post is authored by Joe Faulhaber, Senior Consultant ECG In today’s cyber threat landscape, it’s not a question of if an attack will occur, but who will attack and when. To keep enterprise data safe against global threats that include attackers as technically sophisticated as any defender, enterprises need to have world-class cyber defenses. This requires strong execution of security fundamentals, in-depth knowledge of the enterprise environment, and working … Read more »

Join us at RSA Conference. Here’s your event guide for connecting with Microsoft

The RSA Conference is fast approaching and the agenda is packed with the latest technology, trends, and people that help protect our digital data. We’ll be there sharing our unique perspective through keynotes, deep-dive sessions, and on the expo floor. Since planning your itinerary is a must to get the most out of RSA, here’s a preview of where and when you can learn about how Microsoft can help you … Read more »

Stopping cyberthreats in a new era

The explosive growth in the scale and sophistication of cyberthreats is remaking the security landscape. Today, it’s not a matter of if your organization’s data will be compromised, but a matter of when. Having a proactive protection strategy that includes pre- and post-breach components is critical to addressing advanced attacks. Fortunately, Windows 10 has comprehensive pre-breach solutions and with Windows Defender Advanced Threat Protection (ATP) we added a post-breach layer … Read more »

Confidence building measures can make a huge difference to the global online economy

The continuing advancements of the Internet and associated technologies have brought new opportunities to governments, businesses, and private citizens. At the same time, they have also exposed them to new risks. However, Internet adoption has not been even and countries or economies have come online in different ways and at varied paces. As a result, awareness of cyber risk and approaches to managing it can differ greatly between jurisdictions. This is a … Read more »

Microsoft’s Cyber Defense Operations Center shares best practices

This post is authored by Kristina Laidler, Security Principal, Cyber Security Services and Engineering Each week seems to bring a new disclosure of a cybersecurity breach somewhere in the world. In 2016 alone, over 3 billion customer data records were breached in several high-profile attacks globally. As we look at current state of cybersecurity challenges today, we see the same types of attacks, but the sophistication and scope of each … Read more »

Rules-making in technology: Examining the past and predicting the future

Are the rules and regulations being put in place today, from the Chinese cybersecurity law to the EU’s General Data Protection Regulation (GDPR), going to be appropriate for the world 10 years from now? And if not, should this be of concern?  To answer these questions, we need to learn from the past. The technology concerns of 10 years ago are still with us in some ways, e.g. worries about … Read more »

Cybersecurity’s perfect storm

The unprecedented scale and sophistication of modern cyberthreats, combined with the rapidly disappearing IT perimeter, means that while preventing an attack from becoming a breach is ideal, it is no longer realistic. Microsoft proactively monitors the threat landscape for those emerging threats, to help better protect our customers. This involves observing the activities of targeted activity groups across billion of machines, which are often the first ones to introduce new … Read more »