The start of a new year is always a great time for reflection—to be grateful for all we have and the progress security teams have made as well as look ahead to how we can reshape the security landscape. I use this time to think about goals for the future, and to reflect on the highlights, achievements, and growth of the previous year, both personally and professionally. I want to take some time to reflect upon the progress we made in 2022 as part of our journey toward making the world a safer place for all.
Looking at the steady rise in cybercrime, it can feel like there are only gray skies on the horizon. Since September 2021 we saw the number of password attacks rise from 579¹ to 1,287² per second. That’s a staggering increase. But at Microsoft, we’re moving into the new year full of hope and resolution. We center our actions around the belief that cybersecurity is about people—to protect, involve, and empower everyone.
We’re committed to innovating against the threats of today and tomorrow by harnessing AI, machine learning, and cloud technologies all brought together in an end-to-end security cloud. Since July 2022, Microsoft Security has delivered more than 300 product innovations—from minor updates to major launches like Microsoft Entra Workload Identities (November 2022). In addition, we now have more than 15,000 partners integrated across our security ecosystem so customers have the power to choose what works best for them. In a time when security professionals are being asked to do more with less—fewer people, scant resources, and less time—Microsoft has responded with a simplified, comprehensive security approach that protects your entire multicloud, multiplatform digital estate. And we continue to foster a diverse, inclusive new generation of cyber defenders who will keep us all moving ahead—fearlessly. Here’s a look at some of our newest innovations to help you move into the new year with confidence.
Unified innovations to protect you comprehensively and make your job easier
According to Microsoft research, 72 percent of chief information security officers (CISOs) and other C-level security professionals say that it’s very important for a technology vendor to offer a comprehensive set of products across security, compliance, and identity.3 We continue to respond to this need, and over the past year, we’ve streamlined and simplified our security solutions into six integrated product families designed to decrease your costs and enable growth. This simplification makes it easier for you to anticipate vulnerabilities, manage risks, and navigate a rapidly evolving threat landscape and regulatory environment. This comprehensive solution with interconnected product families covers extended detection and response (XDR), security information and event management (SIEM), threat intelligence, identity and access management (IAM), endpoint management, cloud security, and data protection, compliance, and privacy. For organizations that want to extend their ability to defend and manage threats, we’ve added a new line of managed services—Microsoft Security Experts.
Integrated security defense
As cyberattacks become more sophisticated, Microsoft continues to keep pace. We’re always pushing our limits and improving our products to help you eliminate security gaps and protect more with less. During the latter half of 2022, we extended our vision of simplified, unified protection—delivering hundreds of innovations to help protect your entire digital estate. Some of our notable launches over the past six months include:
Microsoft Defender for IoT adds agentless monitoring to secure enterprise IoT devices like Voice over Internet Protocol (VoIP), printers, and smart TVs—as well as Operational Technology (OT) devices in critical industries like energy, manufacturing, and healthcare.4 A dedicated integration with Microsoft 365 Defender adds XDR for Internet of Things (IoT) devices, which means less complexity and greater visibility within one unified security operational center. These entry points can be used to escalate laterally across your network and are often overlooked.
Microsoft Defender Cloud Security Posture Management (in preview) helps your security teams save time and remediate critical risks with contextual cloud security. Get a continuous security assessment of your resources running across Microsoft Azure, Amazon Web Services (AWS), Google Cloud, and on-premises systems with new agentless scanning capabilities that provide real-time assessments across hybrid and multicloud environments.
Microsoft Defender for DevOps (also in preview) integrates with Defender Cloud Security Posture Management to further connect the dots for security operations (SecOps) teams. Defender for DevOps empowers your team to unify and strengthen DevOps security to minimize vulnerabilities, then effectively prioritize and drive remediation across multipipeline environments.
Microsoft Defender External Attack Surface Management also integrates with Defender Cloud Security Posture Management to help provide a better picture of your attack surface, including shadow IT and other unseen assets accumulated through normal business growth. This gives SecOps the ability to discover unknown resources that are accessible from the internet—the same view an attacker has when selecting a target. With this new tool, your team is empowered to maintain a dynamic inventory of external resources across multiple cloud and hybrid environments, helping to monitor unmanaged resources that could serve as potential entry points.
Microsoft Defender Threat Intelligence empowers your team to better track threat actor activity and patterns.5 Uncover attacker infrastructure so you can accelerate your investigation and remediation with more context, insights, and analysis. Armed with this real-time data, your team can proactively hunt for threats, undertake custom threat intelligence processes and investigations, and even improve the performance of third-party security products.
Microsoft Defender Experts for Hunting provides a proactive threat-hunting service for customers who would prefer to have Microsoft experts help them hunt down threats using Microsoft Defender data.6 This new service covers not only endpoints, but also Microsoft Office 365, cloud applications, and identity. Our experts will investigate anything they find, then hand off contextual alert information and remediation instructions, enabling your team to respond quickly.
Integrated data and identity protection
A recent industry study found that phishing, password spray, multifactor authentication fatigue, and other identity-driven attacks now account for 61 percent of breaches.7 And during the third quarter of 2022, approximately 15 million data records were breached worldwide—a 37 percent increase over the previous quarter.8 Because our adversaries aren’t slowing their attacks, we’ve continued to innovate and expand capabilities for Microsoft Entra, Microsoft Intune, and Microsoft Purview to help your team protect user identities, their endpoints, and the precious data that keep your business going.
Microsoft Entra Permissions Management (formerly CloudKnox Security) is a cloud infrastructure entitlement management (CIEM) solution that provides comprehensive visibility and control over permissions for any identity and any resource in Azure, AWS, and Google Cloud.9 With Permissions Management, organizations can discover, remediate, and monitor permissions for all identities and resources across multicloud environments. This empowers your team to enforce the Zero Trust principle of least-privilege access at cloud scale using historical data—improving your security without interrupting productivity.
Microsoft Entra Verified ID—for Microsoft Azure Active Directory (Azure AD) subscribers (free and premium)—provides an easy option to issue, request, and verify credentials for employment, education, or any other claim.10 This decentralized identity system offers a convenient, portable way to verify your identity while controlling your own data.
Microsoft Entra certificate-based authentication (CBA) through Azure AD strengthens access controls and helps organizations reduce infrastructure costs, so even customers who have regulatory requirements for CBA can move authentication to the cloud and eliminate the need for Active Directory Federation Services (AD FS).
Microsoft Entra Identity Governance is a complete, cloud-delivered identity governance solution to ensure that only the right people have access to the right resources. This service includes more advanced tools—lifecycle workflows that automate repetitive tasks like employee onboarding and separation of duties, which introduces checks and balances within entitlements management and provisioning back to your on-premises applications—and capabilities that were already available in Azure AD.
Microsoft Purview Data Loss Prevention and new capabilities focused on granular policy configuration and context for post-incident investigation on endpoint devices help users make informed decisions and take the right actions while using sensitive data, helping balance security and productivity. A recent survey by MDC Research shows that a majority of customers purchase three or more products to meet their compliance and data protection needs. Stitching together disparate solutions is not only resource-intensive but also could lead to potential blind spots and gaps in an organization’s data protection strategy.11
Microsoft Purview Information Protection for Adobe Document Cloud provides a rights-management solution that helps you protect your data when shared in documents. This portable data protection solution combines native classification and labeling capabilities with the power of Adobe Acrobat to seamlessly secure PDFs with sensitivity labels and user-defined permissions. Available for Windows and macOS.
Microsoft Purview Insider Risk Management offers analytics, quicker policy creation capabilities, new file path, keyword, and site URL exclusions to reduce false positives, and a new policy type to help detect risky browsing usage, all of which help organizations detect risky insider activities that may lead to a data security incident.12 Data breaches arising from insider threats cost businesses an average of USD7.5 million annually. Our holistic insider risk management program report showed that the most effective way to address insider risks is to build a program focused on empowering your people, making user privacy a priority, collaborating across leadership, and addressing data protection and insider risk management from multiple lenses.13
Microsoft Purview eDiscovery APIs help organizations lower costs by leveraging automation to streamline repetitive workflows. The automation and extensibility of eDiscovery workflows help reduce staff hours and the likelihood of costly human errors, which is critical for organizations with complex requirements for litigation and investigation.
Looking back, I am appreciative of all we’ve accomplished. These innovations across the Microsoft Security comprehensive solution empower your team to move into this year with confidence—six integrated product families to help you protect what matters most.
Creating a safer world for all is our north star; it’s what drives us toward relentless innovation. We hope you will join us in this goal and discover new ways to stay ahead of the bad actors. Today, Microsoft Security helps to protect billions of people around the globe. Our ability to process trillions of signals daily gives us a unique vantage point to scan the threat landscape and help protect against sophisticated new attacks. As proof, the number of Microsoft Security customers almost doubled in the last year to more than 860,000 worldwide. That’s why Microsoft is driving the future of cybersecurity by continuing to invest in AI, machine learning, and cloud technologies.
Join us at Microsoft Secure to hear about future innovations
Be among the first to hear important security announcements from Microsoft leaders and learn how your organization can eliminate security gaps and cut costs with simplified, comprehensive protection for the new year at Microsoft Secure on March 28, 2023. This new digital event will bring our customers, partners, and the defender community together to share perspectives on navigating the security landscape and to build on real-world experience. Register today!
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.