The language of InfoSec
If we are to truly influence and shape our industry’s culture, I am asking everyone in the industry to examine how and what we communicate, how we can make cybersecurity easier to understand by the language we use.
Steer clear of tax scams
In the month of February, we saw an average of 300,000 phishing attempts across Microsoft’s browsing platforms daily. Our security experts expect these attempted scams to become increasingly more prevalent through the April 15 tax day.
Voice of the Customer: Walmart embraces the cloud with Azure Active Directory
Learn how Walmart embraced the cloud with Azure Active Directory.
Cybersecurity threats: How to discover, remediate, and mitigate
This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this blog, we explain how Microsoft 365 threat protection solutions interoperate threat detection across these attack vectors.
Announcing: new British Standard for cyber risk and resilience
Technology is an integral part of the fabric of everyday life. There is almost no organization that does not rely on digital services in some way in order to survive. The opportunity that technology provides also brings with it more vulnerabilities and threats as organizations and data become more connected and available.
IGF proves the value of bottom-up, multi-stakeholder model in cyberspace policy-making
In December, the Internet Governance Forum (IGF) brought the world together to talk about the internet. I tend to take a definite interest in cybersecurity, but there were many more important topics discussed. They ranged from diversity in the technology sector through to philosophy in the digital age. Cybersecurity was, nonetheless, a major theme.
How public-private partnerships can combat cyber adversaries
For several years now, policymakers and practitioners from governments, CERTs, and the security industry have been speaking about the importance of public-private partnerships as an essential part of combating cyber threats. It is impossible to attend a security conference without a keynote presenter talking about it.
Cybercrime and freedom of speech – A counterproductive entanglement
This post is authored by Gene Burrus, Assistant General Counsel. As cybercrime becomes ever more pervasive, the need for states to devote law enforcement resources to battling the problem is apparent. However, states should beware using cybercrime legislation and enforcement resources as a vehicle for restricting speech or controlling content.
The CISO Perspective: Putting lessons from WannaCrypt into practice to avoid future threats
Last month, customers and companies around the world were impacted by the WannaCrypt ransomware attack. Even those not impacted are assessing their risk and taking steps to help prevent such attacks. For everyone, including Microsoft, the attack is a stark reminder of the need for continued focus on security and proven operational techniques.
More than just an ocean separates American and European approaches to cybersecurity
The recent revision of the National Standards and Technology Institute’s (NIST) Cybersecurity Framework and the publication of European Network and Security Agency’s (ENISA) proposals on implementation of the Network and Information Security (NIS) Directive have made me pause and ponder the progress made (or indeed not) in securing our critical infrastructures since they were both