Three ways to strengthen cybersecurity resilience in the country
Organizations across the Philippines rapidly transformed to adapt to new business conditions during the pandemic. Remote work became a default for many workers, enabling businesses to continue despite lockdowns across the region. But if businesses adapted to the realities of the pandemic, so did cybercriminals. And as we transition to hybrid work, businesses will need new strategies to ensure their security.
Frost & Sullivan estimates that by 2030 there will be a complex global network of 200 billion devices. That’s about 20 connected devices per person. It’s a dramatic expansion of the number of endpoints cybercriminals can exploit. At the same time, our online identities – made up of all the data that apps and services collect – continue to be the most exploited area of vulnerability.
Cybersecurity has often been viewed through a competitive rather than a collaborative lens. Organizations have focused on building their digital environments for competitive advantage, often without considering how others in the industry might approach the same challenges.
An increasingly sophisticated threat landscape requires a new and more comprehensive approach to cybersecurity. Conventional measures that center on isolated perimeter-based firewall systems, antivirus solutions and tactical response are no longer adequate. Organizations need to adopt a Zero Trust approach to security with automation and multiple layers of defense built in.
This new approach also means partnering across industries and stronger collaboration between the public and private sectors. There needs to be a cohesive, collaborative approach to data protection and cyberdefense across organizations.
At Microsoft, we work with governments and organizations across the region to foster collective resilience through consultation on cyberstrategy best practices, threat intelligence sharing, and implementation of Zero Trust based security architecture. We use AI and human expertise to deliver an integrated, automated threat response with effective data governance and privacy management.
Here are some recommendations that may be helpful as organizations look to strengthen their resilience:
1. Building security plans around a Zero Trust approach
The complexity of the modern business environment means that our workforce is mobile and expects to be able to work from anywhere, using applications that live outside of traditional corporate network protections. As the number of remotely connected devices and edge endpoints increases, the attack surface cybercriminals can exploit increases too. Therefore, the “assume breach” mindset of Zero Trust needs to be a business imperative.
Microsoft’s cybersecurity ethos is built on the principles of Zero Trust, and our continuous endeavor is to help organizations adapt to this changing environment by adopting a Zero Trust approach to cybersecurity. A Zero Trust approach extends throughout an organization’s entire digital estate, giving users only the access that they need, while explicitly verifying and constantly monitoring.
Businesses of all sizes can get started on the Zero Trust journey by taking steps to secure identities. As our recent Cyber Signals report explains, identities are a key security battleground, and the risk to compromised credentials can be mitigated through activation of multifactor authentication (MFA) and passwordless authentication. Microsoft’s passwordless authentication relies on a user’s biometrics, serving as a secure alternative while improving security and safeguarding user privacy, and doing away with complex password requirements altogether.
2. Automating Organizational Response using Threat Intelligence
The most effective defense strategies are quick at responding to continuous changes, while leaving room for constant improvement and iterative growth as the attack landscape evolves.
One way to get ahead of emerging threats is through automation. Automating analytics enables the identification of a wide variety of threats, enabling adaptive response protocols that are easy to implement. This helps organizations streamline their risk assessment processes and provide realistic benchmarks for testing and evaluation.
To counter cyberattacks and guard against urgent threats, Microsoft Threat Intelligence amasses billions of signals to provide a holistic view of an organization’s security ecosystem. Customers can receive relevant, contextual threat intelligence that is built into products like Microsoft 365, Windows, and Azure.
Moreover, Microsoft’s ransomware protection prevents identities from being compromised, ensuring that client devices are healthy, while data is backed up securely and remains available even if a system is compromised. Read More…
