The challenges of Attack as a Service (AaaS) and other cyberthreats are so broad that no one company can address them in isolation, according to Microsoft’s 2021 Digital Defense Report.
“With the increasing sophistication of threat actors, cyber resilience is the key,” said Aanchal Gupta, vice president of Azure Security for Microsoft, in a Dec. 3 virtual briefer. “Focusing on mindset, cloud, and [cyber] hygiene are critical areas.”
Among the actions that support these critical areas are assuming breaches at the onset to increase the cost for the attacker, building plans for rapid response and recovery, and utilizing the scale of cloud technology to process cyberthreats much faster.
THE CYBERCRIME ECONOMY
Ms. Gupta, who also leads the Microsoft Security Response Center, cited figures that gave a snapshot of the cyberthreat landscape:
$4 million is the average cost of a data breach in 2020;
$8 trillion is the estimated cost of cybercrime to the world economy by 2022; and
57 days is the median number of days between infiltration and detection.
“Eight trillion dollars is higher than the Gross Domestic Product of all but 20 countries in the world,” she said.
AaaS is cheap, moreover. Ransomware (or malware that holds a victim’s information at ransom) is priced at either $66 upfront, or 30% of the profit in an affiliate model.
Spear phishing (a social engineering scam that tricks individuals to share sensitive data) is priced $100-1000 for every successful account takeover. Meanwhile, compromised accounts are $150 per 400 million, or an average of $0.97 per 1,000 accounts.
“It’s a thriving economy of its own and a lot of people are getting driven to it,” added Ms. Gupta.
FIVE PARADIGM SHIFTS
Operational resilience is cyber resilience, noted Ann Johnson, Microsoft’s corporate vice president for security, compliance, and identity, in the report.
To support the evolution of work, in which people work securely and from a variety of non-traditional locations and devices, Microsoft listed five paradigm shifts in cybersecurity that focus on the inclusivity of people and data:
Digital empathy – involves thinking about the ways ordinary people engage with technology, and ensures that security fits into their working practices rather than those of a cybersecurity professional.
Zero trust – involves an “assume breach” security posture that treats each request for access as a risk to be verified.
Data diversity – involves utilizing the power and scale of the cloud to make sense of data points and identify threats before they reach customers.
Operational resilience – involves a strategic approach tied to cyber resilience, which in turn applies cloud technology’s scale to prepare for various contingencies.
Integrated security – involves adopting tools that are integrated to provide end-to-end visibility across an organization’s network, apps, and users.
Microsoft deals with 24 trillion security signals a day and uses artificial intelligence and machine learning to correlate these, said Ms. Gupta.
“Even if it looks like a successful authentication, we put a tracking on it if it’s not our customer’s usual IP address, and if the [account is not accessed] at the usual time…” she said. “At the end of the day, we want to take care of our customers.” — Patricia B. Mirasol