Nov 04 2019

Microsoft Ignite 2019: Cybersecurity Needs a 3-Pronged Approach

Microsoft’s top security officials explained how to make sure organizations are protected against growing threats.

As the amount of data that organizations have continues to grow, it leads to a growing problem: Protecting it all. 

According to a report from ForgeRock, data breaches cost U.S. businesses $654 million last year, and that number is expected to grow in 2019. In the face of these potentially devastating consequences, Microsoft Corporate Vice President Ann Johnson said Monday that only 42 percent of CEOs feel sure they could keep their businesses running after a cyberattack.

Johnson was part of a panel of executives speaking at a technical keynote on security at the Microsoft Ignite conference. She and others named three pillars they said are key to staying protected.

Ensure Employees Are Keeping Their Identities Secure

Johnson says that, despite warnings, most data breaches she sees involve poor password security practices.

“We get a lot of, ‘Oh, someone didn’t follow the encryption policy,’ or, ‘We have too much privilege for certain roles,’ or ‘We’re not using multifactor authentication,’” Johnson said.

“Identity is at the center of security,” said Kim Kischel, senior product marketing manager for cloud security at Microsoft. She says that one way to protect those passwords is using a single sign-on solution, like Azure AD, because it takes the burden of memory off the employee.

“Single sign-on improves productivity and security because it reduces the need for end users to remember passwords,” Kischel said.

Make Sure Users are Complying with Existing Policies

Some of the biggest threats that businesses face are internal, as it can be tough to track which employees have access to what information — and just as difficult to know what they’re doing with it.

To help change that, new security capabilities are being built into Microsoft 365, with a rollout planned for the end of the year. The software allows users to apply certain levels of security to certain documents. It then uses machine learning and artificial intelligence to track those documents and suggest ratings for similar files.

If something seems out of the ordinary — say a document marked “confidential” is transferred to a thumb drive — the system alerts administrators to the irregularity. The organization can then take that information and decide whether to launch a formal investigation. The alerts are customizable, so each business can input its own policies.

MORE FROM BIZTECH: Learn about the upsides, risks and policy implications of artificial intelligence.

Using Intelligence to Empower Cyber Defenders

As potential threats grow, so does the amount of information that goes into defeating them. This is where AI and automation can play a key role

Azure Sentinel delivers limitless scale to support the growing volume of security data in your organization,” said Sarah Fender, principal group program manager for Microsoft Intelligent Security Graph.

The system includes data links for different security products and services, bringing all of that information into one central place. It then uses automation to take the next actionable steps, as established by the administrator.

Next steps include everything to blocking IP addresses and creating alerts to sending an automatic email to IT. When the incident is over, the program analyzes what happened so that the organization can adjust.

While threats may always be present, organizations can take steps to protect themselves. By building in tools to protect identity, utilizing AI and integrating solutions across systems, businesses can know their information is more secure.

Find more of BizTech's coverage of Microsoft Ignite 2019 here.

artisteer/Getty Images

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT