Achieving resilience against modern cyberthreats
By Reto Haeni on February 1, 2015
Filed under Microsoft in Government
Our whitepaper explores how you can protect, detect, and defend against modern cyberthreats in your enterprise.
As our use of mobile computing and social media grows, so does our exposure to risk. As any member of the modern workforce knows, the widespread adoption of cloud services and big data technologies has created unprecedented opportunities for mobile and social productivity. Yet without the right defenses in place, they can also open us to new kinds of vulnerabilities, as attacks that target devices operating outside the enterprise perimeter are quickly growing in volume and sophistication.
Passive protection is no longer sufficient for ensuring the security of information and IT infrastructures. Our recent Microsoft whitepaper, Achieving Resilience Against Modern CyberThreats, explores the ways that governments and enterprises can protect their valuable information by creating a holistic, risk-aware security strategy to achieve resilience against in an era of constant targeted attacks and determined adversaries.
The paper explores Microsoft’s holistic Protect, Detect and Respond approach to security strategy, including key principles for organizations, the importance of trustworthy cloud services, and the steps to take for securing an IT infrastructure in today’s threat landscape. This proactive strategy requires that an organization understand its assets and its exposure, and apply appropriate protection throughout the entire IT ecosystem in a continuous process. It also recognizes that enterprises must manage their inevitable risk – absolute security is not possible, so organizations must go beyond just protecting resources and also establish processes for detecting, responding and recovering from incidents when they occur.
In order increase an enterprise’s resilience against threats and “boost the IT immune system,” organizations need a security strategy that includes a resilient infrastructure based in trustworthy cloud services—as well as good IT hygiene and policy-based access to information. This includes taking steps such as:
- Upgrading operating systems and managing patches
- Aligning the Active Directory to the threat environment
- Assessing threats and counter-measures
- Implementing secure software development
No one understands the complexity of this challenge better than Microsoft. Our world-class Trustworthy Computing (TwC) Initiative has been developing secure and reliable computing solutions for more than a decade, laying the foundation for advanced solutions and services to help customers protect themselves against the attacks of determined adversaries and quickly recover key IT systems in the aftermath of a breach.
Read the white paper to learn more about how public and private sector organizations can protect their critical information in today’s rapidly evolving risk landscape.
Chief Security Officer and Advisor for Western Europe, Microsoft