Microsoft offers a broad range of products and services which we use at Henkel and also in our private life. Let´s hear from them why cyber security is of strategic importance for their company, where do they see dangers for the future and how is this translated into the security of their products.
11. Security operations that work for you
Partnerships for a heterogeneous worldEnterprise-class technology
12. Secure identities to
reach zero trust
Help stop damaging
attacks with integrated and
automated security
Locate and classify
information anywhere
it lives
Strengthen your security
posture with insights
and guidance
Infrastructure security
16. Alpha-numeric
passwords are hard
to remember
How many times
have you reset your
password?
On mobile devices
passwords are
impossible to enter
17. Credential reuse
across multiple
services increases
attack surfaces
Even the strongest
passwords are
easily phishable
279% more
enterprise
security
incidents
from 2016
to 2017
81% of hacking-
related
breaches
leveraged
either stolen
and/or weak
passwords
OTA Cyber incidents Report 2018 I Verizon Cybercrime Case Studies 2017
18. 1 welc0me
2 2018
3 pa$$w0rd
4 1234
5 summer
6 fall
7 september
8 apple
9 soccer
10 london
Hello everyone and also a big welcome from my side to the Henkel Security Summit, Thank you for having me here . My name is Anton and I work for Microsoft as a Technology Solutions Professional in the field of Enterprise Cyber Security. That means I have the honor to support our customers when it comes to protect, detect and respond to cyber security threats. Leading the fight against Cybercrime. Today I'm really happy to show you how Microsoft became on of the biggest Security Vendors on the market. And on this Session we will cover the current Cyber Security Landscape and what Microsoft does to protect their customers and of course I will show you how you can easily improve your security in a digital world. Ok Lets get started!
Cyberspace is the new battlefield:
We’re seeing attacks on civilians and organizations from nation states. Attacks are no longer just against governments or enterprise systems directly. We’re seeing attacks against private property—the mobile devices we carry around everyday, the laptop on our desks—and public infrastructure. What started a decade-and-a-half ago as a sense that there were some teenagers in the basement hacking their way has moved far beyond that. It has morphed into sophisticated international organized crime and, worse, sophisticated nation state attacks.
Personnel and resources are limited:
According to an annual survey of 620 IT professional across North America and Western Europe from ESG, 51% respondents claim their organization had a problem of shortage of cybersecurity skills—up from 23% in 2014.1 The security landscape is getting more complicated and the stakes are rising, but many enterprises don’t have the resources they need to meet their security needs.
Virtually anything can be corrupted:
The number of connected devices in 2018 is predict to top 11 billion – not including computers and phones. As we connect virtually everything, anything can be disrupted. Everything from the cloud to the edge needs to be considered and protected.2
1. https://www.csoonline.com/article/3247708/security/research-suggests-cybersecurity-skills-shortage-is-getting-worse.html
2. https://www.forbes.com/sites/bernardmarr/2018/01/04/the-internet-of-things-iot-will-be-massive-in-2018-here-are-the-4-predictions-from-ibm/#7fec220eedd3
And when it comes to defending against cyber attacks, we really have to consider what is our digital estate? How do we think about what our assets are and what we have to defend against? This is a little bit different now than it was five or 10 years ago.
IT organizations now find themselves responsible for protecting a set of technologies they may not own. That can be things like user-owned mobile devices that are used to access corporate data. It also includes systems and devices that your partners and customers use to access your information.
And any one of these points can be a point of vulnerability for your overall estate. That changes the game when it comes to security: You can no longer draw perimeters around your organization. This is the challenge that we all struggle with in IT security. And it's a challenge we at Microsoft think that we can uniquely help with.
The cloud can help manage that complexity of the expanding digital estate. It simplifies and makes security easy to manage.
Next generation of AI and automation in the cloud helps to super-charge your work.
To add to the complexity is that there are many solutions to choose from. In fact one customer I spoke to had over 60+ security solutions and what makes this even more concerning is that these solutions do not integrate well and talk to each other – giving opportunity for security vulnerabilities. Plus having so many solutions requires multiple upgrades and excess manageability. Click* Many of our customers are struggling just to figure out: how many of those solutions do we need in place? And are they leaving holes in their security which could in turn cost them more? And how do I manage all of these solutions?
#####The cost of the city of Atlanta's mitigation and subsequent IT overhaul following a massive SamSam ransomware infection in March could reach $17 million, of which $6 million has already been budgeted for new devices, security enhancements as well as upgrades, according to news reports.
At Microsoft, we spend over a billion dollars every year on research and development to secure your organization and enable you to digitally transform - without compromising productivity.
The center piece of our investment in intelligence is the Microsoft Intelligent Security Graph. This is how we describe the way that we synthesize a vast amount of data from a huge variety of sources. 470 billion emails get analyzed monthly by our Outlook.com and Office 365 email services.
1.2 billion devices are updated monthly. The 1.2B includes ~750M Windows 10 active devices which we receive telemetry from and which are communicating with our Windows Update Service on a monthly basis.
We operate 200-plus global cloud, consumer, and commercial services. Everything from outlook.com to Xbox Live to Office 365 to Azure, and so on. And with all of those services, we have a tremendous amount of surface area that we defend. Enterprise Security from Microsoft is demployed by 90% of the Fortune 500 company's worldwide
And so, we see more attacks than most other companies on any given day. We get a lot of information from defending against those attacks.
The 1 Billion plus Azure user accounts give us tremendous insight into how people authenticate to Azure. And that, combined with the 630 billion monthly authentications that we do with Azure Active Directory and Microsoft Accounts, really give us some tremendous insight into what is normal behavior, when it comes to sign-ins and authentications and what is abnormal behavior, and how often is it that someone has the right password, but they're not the person they say they are. We learn a lot about defending that really important control point, the identity, by looking across that set of data.
Bing scans about 18 billion web pages every month, giving us really great insight into what people are doing with web scripting technologies when it comes to attacks and phishing campaigns. And we have a great way to look at that and understand how we should help customers defend based on that information.
And why is it a graph? It's a graph because what's really important is connecting these pieces of intelligence, so that these signals are not just individual points of information. The graph brings them together as something that we can draw patterns across. We can learn from one point of data to influence how we interpret another point of data.
So, the Intelligent Security Graph is something that we are very, very heavily invested in at Microsoft. It's something that we feel is unique to us in this industry
#####On top of all of that we layer shared threat data that we get from our partners, from the researchers here at Microsoft who are part of our 3,500-plus people that are full time on security, and law enforcement agencies that we partner with worldwide through our digital crimes unit, as well as botnet data that we collect through the digital crimes unit. All of that intelligence makes up the Intelligent Security Graph.
We try to keep it simple for our customers knowing you have limited resources and dollars. We do this through our operations, technology and partnerships.
What makes Microsoft so different to other cloud providers and even security providers is that we have over 3,500 security professionals and Intelligence informed by trillions of sources so we can help you make smarter decisions and remediate faster.
We provide a truly holistic approach to technology. Microsoft helps you protect identities, data, applications, and devices across on-premises, cloud, and mobile - end to-end. This protection is at global scale with enterprise –class technology. Benefit from the investment of security at global scale with built-in capabilities and resources.
Let’s talk about Microsoft security operations and the people and intelligence behind the scenes that you do not get to see in action but that are helping secure your organization every day.
In the next Video, called OneHunt you will see our internal RED & BLUE Team. This is an internal cyber war game, where the RED Team try to infiltrate our Systems while the BLUE Team is defending it. Enjoy!
In the next Video, called OneHunt you will see our internal RED & BLUE Team. This is an internal cyber war game, where the RED Team try to infiltrate our Systems while the BLUE Team is defending it. Enjoy!
One Hunt Video - We recommend downloading and inserting this video if you plan to include it in your presentation.
Download high res video: https://microsoft.sharepoint.com/sites/Infopedia_G03/officeonramp/VideosForDownload/OneHunt and Intelligent Security Graph.mp4
This video is available on Stream at https://msit.microsoftstream.com/video/10ba3612-31f2-4d08-b587-7fbfe9a675e8
The Microsoft cloud is managed by people who spend all day thinking about data security and privacy. As I mentioned, You get to take advantage of 3,500 dedicated cybersecurity professionals working together across the Cyber Defense Operations Center, digital crimes unit, Microsoft Threat Intelligence Center and other teams to help protect, detect and respond to threats in real time.
The industry-leading security experts in our Cyber Defense Operations Center (CDOC) defend our services, Azure and Office 365 and so on, on behalf of our customers. Staffed with dedicated teams 24x7, the CDOC has direct access to thousands of security professionals, data scientists, and product engineers throughout Microsoft to ensure rapid response and resolution to security threats.
Our Digital Crimes Unit (DCU), which operates out of the Cybercrime Center, is an international legal and technical team working with partners to help eliminate a full range of cyber threats, including malicious software crimes, IP crimes, and technology-facilitated child exploitation. Our Digital Crimes Unit has worked with global law enforcement agencies to bring criminals to justice: to date, taking down 18 criminal bot-nets and rescuing nearly 500 million devices from secret bot-net control. In partnership with security teams across the company, the DCU has also combatted nation-state hackers, using innovative legal approaches 12 times in two years to shut down 84 fake websites, often used in phishing attacks and set up by a group known as Strontium that is widely associated with the Russian government.
#####In the next Video, called OneHunt you will see our internal RED & BLUE Team. This is an internal cyber war game, where the RED Team try to infiltrate our Systems while the BLUE Team is defending it. Enjoy!
####Microsoft Threat Intelligence Center state-of-the-art detection work is well-documented and helps protect our customers every day. When we detect threats, we’ll work directly with participating organizations to notify them and help them secure their systems. This aspect of Microsoft AccountGuard will draw on the expertise of the Microsoft Threat Intelligence Center, or MSTIC.
###Microsoft cloud services extend your security team by thousands of the industry’s-leading security experts.
Pretty cool That leads us to Technology. Microsoft is using the cloud to secure organizations broadly. It is the cloud that enables us to take all our signal, intelligence, and operational experience and use it to help our customers be more secure, We have built in security that is enterprise class..
Our investments here are guided by the four strategies for success with infrastructure based on Azure security to secure your data in the cloud. For each strategy, we have enterprise class technologies in place, some of them are written below. *Click! I'm not going to dig into all four strategies, what I want to go into in more detail with you is on Identity & access management. Why? *Click!
#####Let’s talk about Infrastructure Security first, as this is woven throughout all of our 4 key areas and foundational to security.
Because Access credentials in the form of email addresses and passwords are the two most compromised data types, at 44.3% and 40%, respectively. That is why Identity and access management is the control plane of security.
So why we don’t go PASSWORDLESS?
Access credentials in the form of email addresses and passwords are the two most compromised data types, at 44.3% and 40%, respectively. That is why Identity and access management is the control plane of security.
Source: Dark Reading Date: November 2017
Everybody hates password.
Hackers Love Passwords! Their are the only ones who like them. I just graped some date from last year September from our Microsoft cloud protection service. Those are the 10 most rejected passwords. So people really tried to change their corporate password into one of those. Its ridicules.
Have someone of you ever heard about “have i been pwned?” For the ones who don’t -> it’s a great way to find out, if your email address and password has been ever involved in a credential theft.
Down below you can find the largest website breaches and the recently added website breaches. In a resent credential theft called THE COLLECTION, almost 800M Accounts got exposed. And as we remember, most people use the same password on every online account. What makes it easy for an attacker to hack any account of the individual. And guess what? Click*
Yes! I have been pwned. Luckily I used that email address just on my Adobe account. And YES I use different passwords!
But this is why, we at Microsoft declaring an end to the era of passwords. The Future is Passwordless!
We already have a lot of technology's in place, to help you go passwordless. In the next slides you will see how you can benefit from our solutions like Windows Hello & the Microsoft Authenticator App. And those solutions are not only for Enterprise Environments. You can also easily adopt this solutions at home and on your personal devices.
First lets start with Windows Hello.
The Microsoft authenticator app enables you to sign in with your phone. Using your phone is one of the most convenient and secure ways to sign in. The phone is something you have and the fingerprint is something you are. This is 2 factors in one. It is as secure as a smart card, but much easier to deploy and manage.
We can stop phishing, password spray, breach replay, and whatever comes next to attack us. And while doing that, we can offer a great user experience. Let see on the next slides how the Microsoft Authenticator App can help you to protect your online accounts.
With the Microsoft Authenticator App you are able to protect your personal and business account like outlook.com, Facebook, eBay, google, twitter and many other online accounts. The app give you the ability of a true multifactor authentication. The Microsoft Authenticator App is available on Apple and Android devices and even the Apple watch is supported as well.
Adding to that, with our upcoming feature you will get security notifications when someone changes your password on your online account. So that gives you a god indicator if your account has been breached.
Lets check out how this looks like.
Here
OK! Thank you very much for your attention and also thank you for having me here at this awesome event!
Now I’m ready to take your questions. Or you can meet me later, I will be here the whole day!
