There is a strong possibility that lockdown may have changed the way that we communicate and do business forever. Like it or not, doing business and communicating is predominantly occurring remotely, putting the organisations digital assets on the front line. People who were not digitally connected have needed to adapt quickly, and sometimes this has happened without considering the security implications of doing so.
The “bad actors” (as security specialists refer to them as), saw this mass move to online business as a new wave of opportunity. Today, the security posture of many organisations is so fractured that breaches and hacks are almost treated like a game of roulette – maybe win, maybe lose.
Much of this thinking is born out of two flawed perceptions. The first is that there are too many components in modern platforms and systems for the average Joe or Jane to understand. Let’s face it, a business’s security posture now starts at the user video call and chat level, and extends to the system and platform assets running either on site or in cloud service. The second is that the tools available to reduce an organisations risks are too expensive and require a high degree of (costly) expertise to interpret any results… Enter Microsoft Secure Score.
We would all be surprised if Microsoft had not been thinking about the increasing pressure on security and how far down the technology stack it would need to extend as they brought us more and more end-user functionality. Multifactor Authentication is now the standard for any endpoint to endpoint security connectivity, but within that connectivity the rules and actions of remote users are now also scrutinised.
Keeping pace with the threats
To ensure that an organisations security stance can keep pace with this step change in access to information and systems, the Microsoft Threat Protection (MTP) product line has continued to evolve, and recently Microsoft has released Microsoft Security Score.
This product set is specifically designed to give organisations the ability to assess and react to their own security stance, measured in near real-time against the entire Microsoft Threat Protection community. This is significant because, for the first time, it is possible for any size organisation to see how their security matches up against their peers – a marker to act if they appear exposed.
Why is this important? Well, an organisations risk to cybercrime is becoming more and more relevant when applying for Cyber Insurance. Claims for cybercrime have exceeded public liability for some time, and so insurance companies have become fixated on reducing their risk. This means that they are looking at your cybersecurity profile and charging accordingly.
Making it easy
Tools like Microsoft Secure Score give every business, whatever its size, the opportunity to understand and respond to their specific security threats. This is not a global aggregated list of the most common. Through an easy to understand, organised set of dashboards, it is possible to visually check how changes as small as adding a new user, or changing a user’s access rights, have changed the security posture of your company, on a daily basis.
It provides a catalyst for accountability for security. Senior management and business owners can no longer say that they do not understand, or that they couldn’t afford the security – although we all know that’s a zero sum game.
There are several great assets from Microsoft that very quickly show the power and adaptability of Secure Score – here's a really useful video: