The recent digital migration triggered by an increase in remote work during the pandemic continues to have a significant impact on the cyber-threat landscape. Attackers adjust their tactics to take advantage of widespread COVID-related anxiety and increased weaknesses in remote IT security arrangements. The work from home lifestyle has become a gateway for cyber criminals to access sensitive data. Attackers adjust their tactics to increase spam, fraudulent emails, calls, texts, and phishing attempts.
As a response to the trend of increased cyber threats, cybersecurity product developers continue to make critical advancements in threat intelligence to protect organizations from the risks in this ever-advancing landscape. Among these contributors is Microsoft, tracking 35 ransomware families and over 250 unique nation-states, cybercriminals, and other threat actors. Their programming allows organizations to gain insight into threat actors’ behavior and track them closely. Each day, their cloud processes over 43 trillion security signals, which Microsoft uses to thoroughly protect their users.
“In the ever-changing cyber threat environment, up-to-date and comprehensive security solutions are mandatory,” said Matt Cooke, Director of IT Operations at Clearview Group. “Cyber threats and attacks could result in business disruption, loss of organizational data, and even brand or reputation risk.”
Further building upon their existing threat intelligence, Microsoft has recently announced two new security products to help users track threat activity and view their organization from the perspective of an attacker.
Microsoft Defender Threat Intelligence uses built-in AI to expose an attacker and the elements of their infrastructure. With this information, organizations can discover adversary tools in their organization and block to prevent future attacks.
This product continually maps the internet, giving organizations the information needed to gain insight into the method of attacks. Defender Threat Intelligence provides raw threat data that identifies adversaries by name, correlates their TTPs (tools, tactics, and procedures), and actively updates the portal as Microsoft’s security signals and experts gain new information.
This in-depth threat intelligence is designed to give organizations understanding into the threats they are up against, to in turn strengthen their security.
Microsoft Defender External Attack Surface Management scans the internet and its connections, building a catalog of a user’s internet-facing resources. Organizations can then use this complete view to mitigate risk.
Microsoft Defender External Attack Surface Management also builds a full collection of an organization’s internet-facing resources. This allows the users to securely manage their assets and resources within their extended detection and response tools and security information and event management.
With the continual evolution of the digital landscape, organizations search for deeper context into threat actor activity and how to reduce their overall attack surface. Technology like Microsoft’s Threat Intelligence solutions provides organizations with the right knowledge to eliminate gaps and build resilience.
If you would like to implement threat intelligence solutions or have concerns about security threats in your organization, contact Matt Cooke.
We are a full-service management consulting and CPA firm covering all aspects of audit, compliance, risk management, accounting, finance, tax, IT risk, and more. Just let us know what you need help with and an expert will be in touch!
Request Your Consultation
