Whether responding to a natural disaster, defending against a cyberattack, or meeting the unprecedented demands to enable the largest workforce in history to work remotely, we amplify our human capacity through technology. At Microsoft, cybersecurity is the underpinning to helping organizations maintain business continuity during times of change.
As we look past the pandemic and prepare to implement the lessons we’ve learned during this time of disruption, we are reminded that security technology is also about improving productivity and collaboration through inclusive user experiences. In an industry that has traditionally expected people to adjust their behavior to conform to security policies, this is a transformative idea.
My team and I share this transformative idea when we work with organizations from around the world who need to enable people to work productively and securely and from a variety of non-traditional locations. Through these interactions, we’ve learned a lot about the role that cybersecurity plays in helping organizations maintain business continuity as we adapt to this new world. As I result, I anticipate five cybersecurity paradigm shifts that will support the evolution of work in a way that centers around the inclusivity of people and data.
1. The rise of digital empathy
To say that we are living in unprecedented times, is quite frankly, an understatement. Each and EVERY one of us has been impacted—in one way or another—by current events. We’ve had to adapt to new ways of life, in our homes, and our workplaces. And the pace of change has been at a rate none of us have seen before. At times like these, we need empathy more than ever.
“We have seen two years’ worth of digital transformation in just two months.” – Satya Nadella, President & CEO, Microsoft
Empathy is the ability to understand the feelings and thoughts of another person. To walk in their shoes. During times of constant disruption and change, empathy can reduce stress and bring people together. We saw empathy at work in the nightly cheers for healthcare workers as they came home from a long day at the hospital in New York and other cities.
But empathy isn’t just for in-person interactions. By applying empathy to digital solutions, we can make them more inclusive. In cybersecurity that means building tools that can accommodate a diverse group of people’s ever-changing circumstances. It also means developing technology that can forgive mistakes.
Securing cloud apps offers a great example. There is a good reason that cloud apps have proliferated in enterprises. If you have a challenge, there is probably an app available to solve it. They are easy to access and many are free. But they also pose a security risk. Individuals may share privileged data through apps with security vulnerabilities, not because they don’t care, but because they are too busy to stay up to date on the intricacies of an organization’s data privacy policies.
Our security tools can empower people to work when, where, and how they need, and use the devices and apps that maximize their productivity. Solutions like Microsoft Cloud App Security and Azure Information Protection accommodate how people want to work, with controls that make organizations more secure. The Microsoft Identity platform already adds security like multi-factor authentication (MFA) to 1.4 million unique apps (up 117 %YoY) including brands like ServiceNow, GoogleApps, and Salesforce.
2. The Zero Trust journey has begun
In the first 10 days of the pandemic, it became clear that companies that relied on traditional security methods—things like firewalls—were at a disadvantage. Not only did they have trouble meeting the needs of a new remote workforce, but they were also more susceptible to COVID-19 themed threats. Overnight, Zero Trust shifted from a business option to a business imperative.
Zero Trust is an “assume breach” security posture that treats each step across the network and each request for access to resources as a unique risk to be evaluated and verified. This model starts with strong identity authentication everywhere. MFA—which we know prevents 99 percent of credential theft—and other intelligent authentication methods make accessing apps easier and more secure than traditional passwords.
As we look past the pandemic to a time when workforces and budgets rebound, Zero Trust will become the biggest area of investment for cybersecurity. This means, that right now, every one of us is on a Zero Trust journey—whether we know it, or not.
3. Diversity of data matters
It wasn’t just individuals, businesses, schools, and governments that rapidly responded to the pandemic, our adversaries also quickly pivoted. Because Microsoft tracks more than 8 trillion daily signals from a diverse set of products, services, and feeds around the globe, we were able to identify new COVID-19 themed threats—sometimes in a fraction of a second—before they reached customers. This is just one example of how the power and scale of the cloud has a clear advantage when it comes to combating threats.
Our diversity of data also allowed us to understand COVID-19 themed attacks in a broader context. Microsoft cyber defenders determined that adversaries were primarily adding new pandemic themed lures to familiar malware. Of the millions of targeted messages Microsoft caught every day, less than 2 percent included COVID-19 related malicious attachments or URLs. Since mid-March when COVID-19 attacks peaked, they’ve decreased to a slightly elevated “new normal” (See Figure 1). Although the drop off tracks closely to the news, it also coincides with when defenders began increasing phishing awareness training in enterprises. This is a great example of how insights based on good data help us raise the cost of attacks for our adversaries.
Figure 1: Trend of COVID-19 themed attacks.
Cybercriminals are adept at changing their tactics to take advantage of global or local events to lure new victims. Insights based on more diverse data sets can offer real-time protection as tactics shift. As a result of their experiences navigating COVID-19 related threats, more enterprises are likely to embrace cloud-based protection and threat insights.
4. Cyber resilience is fundamental to business operations
One thing we’ve learned from the COVID-19 pandemic is to expect the unexpected. We can’t predict what the next disruption to business continuity will be—whether natural or manmade—but we do know organizations will confront other crises that require a rapid response.
Today’s businesses are more reliant than ever on cloud technology, and so a comprehensive approach to operational resiliency must include cyber resilience. At Microsoft, we benefited from a strategy that focused on four basic threat scenarios: Planful events like weather incidents, unplanned events such as earthquakes, legal events like cyber-attacks, and pandemics like COVID-19. From there, Microsoft set clear priorities around putting life safety above all else, protecting customers, and protecting the company. This allowed us to build out more specific response plans that leverage the flexibility of cloud technology and Zero Trust architecture. We also prepared employees and leadership with drills and table-top exercises.
Cloud technology helps organizations develop a comprehensive cyber resilience strategy and makes preparing for a wide range of contingencies less complicated due to its scalability.
5. A greater focus on integrated security
The COVID-19 outbreak has brought into stark reality of how agile and callous our adversaries can be. To uncover shifting attacker techniques and stop them before they do real damage, organizations need to be able to see across their apps, endpoints, network, and users. Solutions like Microsoft 365 Security, that provide a more integrated view, can help ensure that the next shift won’t be into their blind spot.
Facing a new economic reality, organizations will also be driven to reduce costs by adopting more of the security capabilities built into their cloud and productivity platforms of choice. This is why digital empathy is so critical to how we move forward as an industry. Whether it’s an organization—or an individual—our ability to be empathetic helps us understand and adapt to the needs of others during times of disruption.
While digital acceleration will continue to influence the paradigm shifts that shape our industry, one thing remains the same; security technology is fundamentally about improving productivity and collaboration through secure, inclusive user experiences.
Dig into more data about how attackers exploited the COVID-19 crises.
Read Ann’s blog post, Operational resilience in a remote work world.
Get advice on implementing Zero Trust.
Read Ann’s advice for CISOs on enabling secure remote work.
For more information on Microsoft Security Solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.