With a special guest keynote from Michael “Mafiaboy” Calce, security was top-of-mind with attendees as well as presenters at CDW BTEX 2019. But the security landscape has shifted dramatically since the days when companies feared attacks from infamous “teenage hackers.”
Suzanne Gagliese, vice president of One Commercial Partner at Microsoft, told attendees during a presentation that looking at how open the world of technology is today, no single company can alone make our environment secure. Gagliese was championing the idea that organizations must be focused on fostering connections and partnerships within the technology industry in order to combat bad actors and promote a more secure online world. This is a path Microsoft has followed through participation in industry associations such as the Cybersecurity Tech Accord and other partnerships.
Today’s cyber risk landscape
The message of sharing information and partnering to protect the world against emerging cyber threats was woven throughout Gagliese’s presentation. The security landscape of the past meant businesses used to worry about hackers such as MafiaBoy, but now the problem is much more organized. Gagliese said cyberspace is the new battlefield, where criminal enterprise and even state actors are actively pursuing cybercrime.
This is compounded by a lack of security skills and the constantly growing number of attack surfaces. The result, as Gagliese cited, is a shortage in resources organizations have to devote to protecting themselves from cyber attacks, with at least 50 percent of companies saying they do not have the resources to adequately protect themselves.
The issue of dwindling resources is compounded by the more than 11 billion connected devices around the world. There are more attack vectors than ever before, and we have less control over those devices than we have had in the past, she noted. Today, organizations must consider the security of their own infrastructure and devices but also the securing of their partners’. Since they cannot control those devices, they must be vigilant in guarding their own perimeter.
With hundreds of possible security solutions available to companies, it is becoming increasingly difficult to know exactly what a business needs to lock down its devices and information. Gagliese said the number of security products, even from single vendors, makes it difficult to get an end-to-end view of a business’ security operations.
She said Microsoft is helping bring those disconnected solutions together and simplify the security landscape for businesses by focusing on three areas: operations, technology and partnerships.
Trust begins with a secure foundation, and Gagliese let attendees know Microsoft is building that foundation across its entire product range and in the cloud. She said that begins with physical security at the company’s data centres around the world. That security-first mentality is carried through to its overall operational security including how the business is run.
For Microsoft, Gagliese said the technology focus is two-fold: protecting Microsoft’s customers and enabling those same customers to protect their assets. Gagliese outlined four primary pillars of technology protection that inform the company’s approach to security technology: identity and access management, threat protection, information protection and security management.
Highlighting the first point, Gagliese asked the audience how seamless and secure their end-user authentication was, how much control they really had over their access and how secure their identities were against current and emerging threats. She pointed to areas where Microsoft could assist, such as biometrics, which allow users to forego passwords, and multi-factor authentication to harden accounts against potential breaches.
Beyond access, Gagliese touted the benefits of Microsoft’s threat protection to protect networks and devices. She discussed how Microsoft’s proactive notification services and full-context breach reporting helped security professionals understand exactly where their data is in critical breach situations, allowing them to know what data may have been compromised so it can be locked down.
The current cybersecurity landscape is constantly changing; partnerships help Microsoft and other companies stay relevant on the latest security trends. Participation in associations and sharing data helps organizations ensure their technology is secure and protected against as many modern threats as possible.
Microsoft has focused on three main areas of partnership within cybersecurity: partnering with peers, working with alliances in industry and working with governments. Gagliese used the example of Microsoft’s participation in the Microsoft Intelligent Security Association and the FIDO Alliance, which is a group of companies dedicated to building standards for authentication.
“We embrace our responsibility to create a safer world that enables organizations to digitally transform,” Gagliese said.
Please bookmark this page for more coverage of BTEX 2019.