Microsoft Security Intelligence Report: Cybersecurity Professionals Must Stay Many Steps Ahead
The Microsoft Security Intelligence Report (SIR) was recently released for 2018, with both good and bad news for cybersecurity professionals and companies.
What Did The Microsoft Security Intelligence Report Reveal?
Based on data from Microsoft’s Detection and Response Team (DART), attackers used a variety of tricks, both new (coin-mining) and old (phishing), in their ongoing quest to steal data and resources from customers and organizations.
And as defenders got smarter against ransomware, criminals pivoted to the more “stealth,” but still profitable, coin-miners. While it may often seem that attackers are one step ahead, the SIR reports that defenders and cybersecurity professionals successfully implemented enough defensive techniques to force attackers to constantly shift their means of assault.
How Did Cybersecurity Professionals Guard Against Attacks?
As an example, while phishing clicks continued to go up in 2018, machine learning models are getting better at catching phish before they hit user mailboxes and preventing harm after click if they do. More good news? An increasing number of companies are implementing multi-factor solutions to limit the success of credential theft phishing emails.
How Do Prevention Controls Play A Role In Staying Ahead Of Cyber Threats?
The report reinforces how preventive controls play a key role in an overall defense strategy. Preventive control investments should be targeted at the lowest cost techniques to steadily remove cheap and effective attack techniques.
What Are Microsoft’s Recommendations?
The SIR team suggests the following four key tips:
- Security hygiene is critical: Avoid using unfamiliar free and/or pirated software; mitigate credential theft risk; keep machines up to date; implement advanced email and browser protections and enable host anti-malware and network defenses to get near real-time blocking responses from the Cloud.
- Implement access controls: Apply the principle of least privilege; limit downloading of applications to trusted sources, and deploy strong code integrity policies.
- Keep backups: Keep destructive-resistant backups and use cloud storage services for automatic backup of data online.
- Be aware and act if you suspect anything: Teach employees to be wary of suspicious communications. Be careful when clicking on web links, be mindful of exceptionally slow computer speeds, and look for suspicious files immediately.
How Is Cybersecurity Evolving According To Microsoft?
Cybersecurity is evolving to meet the changes in the strategies that hackers are employing. In addition to protection practices, detection and response strategies contribute to resiliency by limiting the time an attacker has access to your resources.
This is an example of how the power and scale of cloud technologies enable business organizations to better meet market needs and can also help security operations better fight back against attackers.
Ask your IT provider to deploy a security strategy commensurate with your risk profiles. Their services should include leveraging the full capabilities of Microsoft Office 365, as well as managed services that include endpoint protection, a Security Operations Center (SOC), and Security Information & Event Management (SIEM).
Did you find this article helpful? Visit our Blog for more information about cybersecurity for your organization in the DC Area.