THE INNOVATOR’S GUIDE TO CLOUD-BASED SECURITY
Keeping pace with a rapidly shifting threat landscape – and a growing skills gap – requires a fresh approach
Introduction
Innovative Approaches to Bridge the Security Talent Gap
Innovations in Cloud-Based Security
Machine Learning Drives Security Innovation
5 Pillars of a Holistic Security Strategy
Get Started Using the Cloud for AI
Additional Resources
Today’s digitally saturated, highly interconnected organizations may find themselves suffering from an identity crisis. As these organizations face escalating volumes and varieties of cyber-based attacks, what is their prime business objective? Is it to hunker down and focus on defending their digital assets against those attacks? Or is it to maintain their traditional focus on marketplace competitiveness and innovation? In practice, it’s impossible to separate these two components of a company’s personality. In order to compete and innovate with confidence, an organization must also be able to consistently identify and counter any cyber threats coming its way.
With cybersecurity now a prerequisite for business success and innovation, chief security officers (CSOs) and chief information security officers (CISOs) find themselves occupying increasingly strategic ground. Protecting their organizations’ digital assets and operations remains Job 1, but they must also help to drive a security-focused culture across the enterprise, understand the distinct needs and risks of different business units, and regularly engage with the C-suite and board.
3 Questions to Ask Before Presenting to the Board
1. Can you demonstrate a good governance process?
2. Do you have the right talent in place?
3. What are you doing to ensure a culture of cybersecurity?
Source: CISO Spotlight Series: Security is everybody’s business, Part One
That’s a lot to handle, and the task becomes even more difficult given the many hard realities CSOs and CISOs confront daily. First and foremost is the challenge of distilling actual cyber threats from the oceans of digital data now inundating security operations centers (SOCs). Hidden within that deluge are malware, anomalous activity patterns, and other red flags that indicate real, or potential, cyberattacks. Meanwhile, distributed business models and the proliferation of IT technologies – from mobile to cloud to blockchain to the Internet of Things (IoT) – have greatly increased the complexity of the digital landscape and the breadth of what must be secured. Finally, because of a large and growing talent gap in the security sector, CSOs and CISOs must often take on these and other challenges shorthanded.
Increasing Complexity
Taken together, these factors make it clear that CSOs and CISOs must be as innovative as the businesses they support. For starters, they need to expand their notions of what skills and experiences their security team members should have. Then, when searching for talent, they need to tap broader and more diverse pools of candidates. Security chiefs must also take full advantage of the highly sophisticated defensive technologies and services now available. In particular, two broad and synergistic technologies can help CSOs and CISOs meet their full range of security obligations. Cloud computing, paired with machine learning (ML) and other artificial intelligence (AI) technologies, is already providing a lifeline to many overburdened security teams.
Even as cybersecurity technologies and practices become more sophisticated and capable, the need for people to staff SOCs and perform other security-related jobs continues to grow. The demand for security professionals has outpaced the supply for some time, and this talent gap is almost certain to widen. Consider:
• More than half (53%) of organizations in ESG’s latest global IT survey reported a problematic shortage of cybersecurity skills.
• Over the past year, organizations had, on average, more than two open security positions, according to IDG’s 2018 Security Priorities study.
• Cybersecurity Ventures predicts there will be 3.5 million unfilled cybersecurity jobs by 2021.
Microsoft Threat Experts
Part of the solution to the skills gap involves training programs to expand the talents of existing employees. Another option rests with outside partners and consultants, who can supplement the skill sets of internal security teams. One recent example of the latter is Microsoft Threat Experts – part of the Microsoft Defender Advanced Threat Protection service – which allows customers to quickly access Microsoft’s security and incident response “experts on demand.” When it comes to evaluating and addressing in-house staffing needs, CSOs and CISOs must broaden their searches beyond traditional security applicants and jobs. Ann Johnson, Microsoft’s corporate VP of cybersecurity solutions, recently noted that women make up less than 10% of the cybersecurity industry, and people of color far less.
“Our teams need to be as diverse as the problems we are trying to solve,” Johnson said at the 2019 RSA Conference. “We need to be much more inclusive as an industry and go out and recruit through nontraditional channels.” Diversity, she added, “goes beyond gender, ethnicity, and race. It encompasses accessibility and a level playing field for people of all abilities, education, and social background.” Diversity in cybersecurity is particularly important “not just because it’s the right thing to do, but because gaining an advantage in fighting cybercrime depends on us doing it,” Johnson said. “Being surrounded by people with various experiences contributes new ideas to problem-solving.”
Beyond removing traditional hiring blinders, security officers should also expand the concept of what types of jobs fall under the cybersecurity umbrella. One reason for doing so is the infusion of technologies such as cloud and AI/ML into the security environment. Analysts, architects, trainers, and other security-specific roles will continue to be in high demand. But organizations are likely to find they can strengthen their overall security postures by hiring professionals in adjacent fields. Those hires could range from machine learning modeling experts and data scientists to managers experienced in cloud-provider partnerships and “shared-responsibility” models. (Of course, people with some of these complementary skill sets are also in short supply.)
Fresh Ideas for Problem-Solving
“Our [security] teams need to be as diverse as the problems we are trying to solve.”
– Ann Johnson, corporate VP, cybersecurity solutions, Microsoft
Security Assets, Not Liabilities
At an even more fundamental level, one can make a good case for hiring among economists, psychologists, and sociologists as part of a security team, says Mark Simos, lead architect with Microsoft’s Cybersecurity Solutions Group. “Attackers are typically economically motivated,” he notes. “The more we can understand that fact and other drivers of their behavior, the better we can develop strategies to deter them.” People who understand how to work with and motivate people within corporations can also play key roles, Simos says. “You need people who can convince and persuade employees as you educate them about how to become security assets rather than security liabilities.”
Sean Sweeney, senior director of Microsoft’s Cybersecurity Solutions Group, takes it a step further. “I’d open the talent search to history, English, and education majors, and even to people who didn’t go to college,” he says. “If you have the ability to absorb information quickly, make critical decisions, and communicate the results of those decisions, I can teach you how to do cybersecurity.”
New Levels of Speed and Scale
Even with more diverse and eclectic employees helping to fill their security team ranks, however, CSOs and CISOs will likely struggle to meet all their staffing needs for the foreseeable future. As importantly, many aspects of the cybersecurity threat – data volumes, speed, and sophistication – have outpaced the abilities of even the most skilled security experts to identify and counter them without advanced technological assistance. Cloud computing and AI/ML tools and methods have emerged as an especially powerful duo in this regard. Not only can these technologies provide new levels of speed and scale, they can also help companies address the security skills gap by augmenting the abilities of human professionals. By doing so, cloud and AI/ML can help to unburden security employees from manually intensive tactical tasks to focus on more strategic activities.
Establish a Modern Perimeter
Modernize Infrastructure Security
“Trust but Verify” Each Cloud Provider
Cloud computing plays a multifaceted role when it intersects with the security sector. In fact, one of the most common ways for many organizations to boost their security defenses is to move their workloads from on-premises servers and data centers to third-party cloud platforms. This fact once seemed counterintuitive, with many IT and security professionals concerned about placing sensitive data and applications on public cloud infrastructure. In practice, however, many companies – from small or midsized businesses to global enterprises – simply can’t match the security capabilities and practices of established cloud service providers, for whom security is a requisite core competency. This competitive reality means that cloud providers spend heavily on security, and also are often better able than individual companies to hire and retain scarce security professionals. Cloud infrastructure operators also tend to adopt the latest security technologies. At a basic level, they often do a better job than individual companies when it comes to immediately deploying security patches and performing other system health and hygiene processes. Security capabilities and credentials vary from provider to provider, of course, as does the breadth of their security umbrellas. The nature of the cloud service – be it software-as-a-service, infrastructure-as-a-service, platform-as-a-service, or some other variant – also affects which security services the cloud provider offers, and which remain the responsibility of their customers. Navigating this shared responsibility terrain and clearly documenting the respective security roles and requirements is a critical part of any cloud migration process.
Shared Security Responsibility Between Cloud Provider and Customer
Responsibility for each of the following layers falls to either the cloud provider or the customer, depending on the service model (SaaS, IaaS, PaaS, or on-prem):
• Information and Data
• Devices (Mobile and PCs)
• Accounts and Identities
• Identity and directory infrastructure
• Applications
• Network Controls
• Operating system
• Physical hosts
• Physical network
• Physical datacenter
One of the cloud’s greatest strengths is its potential to use its scalable and wide-reaching infrastructure to collect and parse massive amounts of diverse data to identify cyber threats. Microsoft, for instance, receives approximately 6.5 trillion signals a day from its “estate” of security services; the data is anonymous and analyzed in aggregate.
Beyond the sheer volume of this Microsoft data is the variety of sources from which it is gathered. In addition to coming from the company’s own security systems and applications, signals arrive from Microsoft-powered servers, laptops, and PCs; Xbox Live gaming systems; the Hotmail email app; the Bing search engine; and dozens of other Microsoft applications and endpoints.
Microsoft Intelligent Security Graph: Unique insights, informed by trillions of signals
• 470B emails analyzed
• 6.5T threat signals analyzed daily
• 200+ global cloud consumer and commercial services
• 5B threats detected on devices every month
• Enterprise security for 90% of Fortune 500
• 630B monthly authentications
• 18B+ Bing web pages scanned
• 1B+ Azure user accounts
• Shared threat data from partners, researchers, and law enforcement worldwide
• Botnet data from Microsoft Digital Crimes Unit
Source: Microsoft
“We have access to a huge diversity of security-relevant data that extends well beyond what most CISOs think about as normal enterprise data,” notes Microsoft’s Sweeney.
A Variety of Signals
Microsoft receives approximately 6.5 trillion signals a day that are anonymous and analyzed in aggregate.
Blocking an Attack
Once threats are identified and blocked, the cloud can then serve to distribute newly crafted defenses to all of the interconnected endpoints and applications it supports. In one example of this process, one organization’s implementation of Microsoft Windows Defender Antivirus detected and blocked new instances of the malware called Dofoil (aka Smoke Loader), which secretly uses the processing power of victims’ computers to mine for crypto coins. After taking just milliseconds to block the initial Dofoil assault, the targeted system immediately communicated the attack signature through the Microsoft cloud to all connected Microsoft endpoints.
The result? In one day, Microsoft was able to block more than 400,000 instances of the Dofoil variants as they subsequently tried to infect formerly vulnerable computers.
There has been plenty of hype about AI over the years, and not all of the field’s promises have materialized. But “intelligent” technologies have made great strides in recent years. Arguably, their most impactful deployments to date have been in the cybersecurity sphere, enabled by cloud environments. Machine learning algorithms can analyze massive amounts of diverse data when searching for malware, suspicious user activity, and other signals and patterns that human analysts couldn’t hope to comprehend.
As their name suggests, machine learning solutions can extrapolate beyond the data and algorithmic models that constitute their initial programming. They can identify new threats that show characteristics similar to the known threats that programmers manually entered into their knowledge bases. The synergies between cloud and AI/ML play out on a couple of levels. For one, the processing requirements of machine learning solutions can be beyond the scale and horsepower of many corporate systems. More fundamentally, these intelligent solutions not only consume lots of data, they need lots of data. The more data they have to crunch, the better their insights and analyses.
Machine learning is proving to be particularly adept among AI-based technologies for identifying and countering cyber threats.
The More Data Diversity, the Better
Data diversity is also critical, as relying on too narrow a source can result in skewed, potentially biased outputs. For example, facial recognition algorithms can fail if they’re not trained on a racially diverse set of inputs. Likewise, security ML works best if its data inputs come from a wide range of individual users as well as businesses of all sizes, and draws from as diverse a set of applications, systems software, and network traffic as possible. “You can do AI and ML on premises,” says Simos. “But the scale and diversity of data required to be successful, and the scale of the processing needed to execute it, make it much more pragmatic to do AI and ML in the cloud.”
Ultimately, the cloud/machine learning pairing helps organizations proactively identify and counter cyber threats before they can do harm. To accomplish this, the two complementary technologies must play central roles in five functional areas that form the foundation of every comprehensive cybersecurity strategy.
The addition of cloud computing and AI/ML to the cybersecurity toolkit doesn’t eliminate the need for other categories of security tools and technologies any more than it eliminates the need for cybersecurity professionals and their skill sets. Rather, cloud and AI/ML can enhance cybersecurity operations and capabilities across each of five foundational pillars.
Identity and access management
Information protection
Threat protection
Security management
Infrastructure security
For identity to become the new security “perimeter,” organizations need both visibility and automated control.
Digital transformation and the rapid evolution of the threat landscape have caused a fundamental shift in how organizations protect their digital assets. In the past, when most of an organization’s IT architecture sat behind a firewall and shared a common IP address range, security controls were network-oriented. With the distribution of systems and data brought by mobile devices, IoT devices, and cloud computing itself, security increasingly must be based on context and identity rather than the traditional network. In order for identity to become the new security “perimeter,” organizations need both visibility and automated control, Sweeney says. Visibility encompasses not only user identities, but also when and from where they’re connecting; the devices they’re using; their devices’ states and, finally, what digital assets they’re trying to access. Automation comes into play because security controls must instantly cross-correlate and analyze all the relevant variables, and then either allow or block the desired access. “Simply put,” Sweeney says, “you can’t do all that without cloud and AI.”
Given that much sensitive information often leaves the confines of data centers and travels the world on different networks and devices, it must carry its own protection with it. “The pervasive connectivity of the cloud allows us to do something we’ve never been able to do before – encrypt the document at all times wherever it goes,” says Simos. “The document can ‘phone home’ for the decryption key whenever it’s needed.”
A more fundamental need is the initial identification, classification, and labeling of sensitive data so the appropriate protection policies can be applied to it. This basic task can be extremely demanding and time-consuming if done manually. Fortunately, some machine learning solutions can automatically perform these processes and apply the proper controls based on taxonomy rules established by each company. “What’s sensitive to company A might not be sensitive to company B,” notes Sweeney.
The combined power of cloud computing and AI is most readily apparent in the realm of threat protection, which essentially involves “giving the right alerts to the right people at the right time,” says Sweeney. That’s where AI and machine learning come in to correlate and curate all of the endpoint, identity, and app data that cloud-connected devices and their users generate. As noted, AI/ML solutions must perform these tasks near-instantaneously, but they must also do so reliably so that they don’t generate false alerts that prompt unnecessary and counterproductive fire drills.
Often, Security Information and Event Management (SIEM) systems play a crucial role in helping organizations gain the necessary visibility and management capabilities. On-premises SIEMs, however, can struggle to encompass and interpret all of the signals emanating across an organization’s distributed, virtual footprint. Cloud-native SIEMs – especially if enhanced with AI/ML capabilities – are better able to correlate threat signals and prioritize alerts to assist investigations.
Security management involves improving visibility across an organization to better manage controls and policies and to strengthen the overall security posture. It also entails finding the right balance between strong security controls and user satisfaction and productivity. In short, organizations need to ensure that they’ve performed the due diligence and training necessary to ensure their security infrastructure and practices address all governance and risk management requirements. There is plenty of work to be done on this front, as made clear by IDG’s 2018 Security Priorities study. Among the more than 650 IT and security managers and other respondents:
• 54% do not have an incident response process
• 48% do not have an employee security awareness program
• 44% do not have an overall information security strategy
Make controls too onerous to navigate and users may ignore them entirely. Make them too user-friendly and they may fail at their primary task.
In on-premises data centers, it can be difficult to even keep track of all the infrastructure components, much less secure them. It isn’t unusual for IT administrators to “lose” a server or virtual machine – and more common for them to stumble across one they had forgotten even existed. In cloud infrastructures, the providers and the customers – who, after all, are paying for each infrastructure element used – know exactly what needs to be protected.
In cloud environments, it’s also possible to apply machine learning to basic infrastructure health monitoring and maintenance. The technology can help determine what processes are running, what normal baseline activities exist, and when deviations from those norms might indicate potential security issues.
Virtually all organizations are using one or more cloud-based services, but most haven’t fully grasped how the cloud, married with AI/ML, can address many of their most pressing security needs. More often than not, the security benefits conferred by the cloud are unanticipated – achieved by companies who moved to the cloud primarily to capture CapEx/OpEx benefits, anywhere/anytime access, open-ended scalability, and other well-understood gains. IT and security teams need to evaluate a number of variables when selecting cloud providers and launching cloud migration initiatives.
Those considerations include the provider’s ability to support compliance requirements, its alignment with the customer’s business model, and its policies about the ownership and accessibility of customer data. Cybersecurity capabilities also should be part of the evaluation criteria, and bolstering security will increasingly become a primary incentive for organizations to turn to the cloud.
Selecting and monitoring cloud providers: Key questions
Compliance
• Compliant: Does provider meet all compliance and data sovereignty requirements (including yearly 3rd party reviews)?
• Assistance: Does provider invest in helping my organization meet our compliance needs (self-service artifacts & documentation, assessment & reporting tools)?
Alignment
• Business Model: Does provider compete with our organization (e.g. retail, advertising, industry services)?
• Data Ownership/Mining: Does provider (or partners / underlying cloud provider) mine our data or our customers’ data? If so, for what purpose? Advertising? Product improvement? Other line of business?
Security and Privacy
• Responsible: Does provider execute well on security best practices (physical security, patching, backups, secure coding practices, etc.)?
• Responsive/Proactive: Does provider rapidly correct security issues & notify me of breaches affecting my data? Do they help me with my security challenges?
• Resolute: Does provider reject non-binding requests to disclose personal and other data?
• Transparent: Will provider tell me where my data is stored? Who has access to my data, and why?
Source: Microsoft
Microsoft has developed a wide range of security capabilities that stretch from endpoint software to AI/ML-enabled cloud services. Learn more about how Microsoft’s cloud-powered, intelligent security solutions help you protect users, data, and everything in between:
• Identity and access management
• Information protection
• Threat protection
• Security management
• Infrastructure security