Essential Microsoft Security insights from intY

The practice of protecting devices, networks and data from unauthorised access or attacks has become a critical component of modern life, as many of our personal and professional activities are conducted through digital channels.

Cybersecurity solutions reduce the risk of cyber-attacks, which can have serious consequences for individuals, your business, and your customers, including financial losses, reputational damage, and the loss of sensitive information.

As cyber-attacks grow in sophistication, it’s crucial to learn how to protect yourself and your customers. We’ve compiled the latest information on cybersecurity to help you understand the scale of the problem and the tools at your disposal.

What are the main types of cybersecurity?

Cybersecurity is a complex and ever-changing field, so it’s essential for organisations to take a comprehensive approach to protect their systems and data. This approach should include not only the five core types of cybersecurity (critical infrastructure security, application security, network security, cloud security, and IoT security) but also the three components that play a critical role in any cybersecurity solution: people, processes, and technology.

People are often the weakest link in an organisation’s security, so it’s essential to provide employees with regular training on cybersecurity best practices and the potential risks of human error.

Processes provide a structured approach to detecting, identifying, and responding to threats, as well as recovering from incidents – a Zero Trust approach should be a fundamental pillar of any strategy.

Technology, of course, plays a crucial role in cybersecurity, from the use of firewalls and other security tools to secure data storage and backup systems. Still, it should not be relied upon alone.

By taking a holistic approach that encompasses all these elements, you can significantly improve your defence against cyber threats and reduce your overall risk.

The current state of cybercrime

Cybercrime is still a major threat, with ransomware being a top concern. This type of malware is used by cybercriminals to prevent or limit access to people’s systems or data until a ransom is paid. Commodity attacks, which are high-volume but low-tech, also continue to target individuals and small businesses.

The proliferation of powerful cyber tools and their increased availability to state and non-state actors has led to more supply chain attacks. These happen when attackers get into an organisation’s systems via its third-party vendors or suppliers. Global digital transformation and the explosion of cloud-based technologies has also caused a significant increase in vulnerabilities.

A key shift in the cybercrime landscape is coming from state actors like China, Russia, Iran, and North Korea. China targets third-party tech, software, and service supply chains, while Russia uses its cyber powers to cause maximum damage in Ukraine. Iran was called out by several security agencies in November 2021 for exploiting Microsoft and Fortinet vulnerabilities. North Korea, though not as advanced, uses cybercrime and theft to help its struggling economy. These countries use their cyber capabilities for various purposes, including espionage and stealing data for commercial gain.

Cybersecurity – how did it get to this point?

If you know the history of cybersecurity, it’s easy to see how we arrived at the current situation. It all began in the 1970s when an engineer created the first non-malicious worm called “Creeper.” This led to the development of the first antivirus software, “Reaper”, which started the ongoing cat-and-mouse battle between cyber attackers and defenders. In the 1980s, commercial antivirus programs were launched, but it was the advent of the internet in the 1990s that truly sparked growth in the field.

The 2000s saw the emergence of professional cyber-attacks, with governments implementing legislation to try and combat hacking. Security software became more sophisticated, but so did viruses. In the past decade, common threats and vulnerabilities have included phishing, insider threats, business email compromise, a lack of skilled cybersecurity workers, and misconfigurations of code.

Cybersecurity in 2023 and beyond

As technology continues to evolve, so does the world of cybersecurity. In the future, we’re likely to see cybercriminals leveraging emerging technologies like artificial intelligence, blockchain and machine learning to execute stealth attacks.

With the advent of 5G networks, we can also expect to see more automation of critical infrastructure on systems like transportation, which means the impact of cyberattacks will be even more far-reaching.

To reduce the incidence of cyberattacks and minimise their effects, researchers and security experts will need to leverage the benefits of these emerging technologies. For example, AI is already integrated into Microsoft’s antivirus and firewall solutions to improve detection and response capabilities.

Implement best practices with these cybersecurity frameworks and standards

Cybersecurity is a weighty topic, but there are several tools and frameworks out there that can help you get across the essentials:

1. The Cyber Essentials Scheme – backed by the UK government, this standard sets out an organisational security framework that can protect businesses from most low-level cyber threats. Obtaining certification for this standard can reassure customers that you take cyber security seriously and can help you participate in the government supply chain.
2. The IASME Governance Standard – developed for smaller businesses, goes a step further than the Cyber Essentials Scheme. This risk-based standard includes a mandatory assessment against GDPR requirements and allows you to demonstrate a more rigorous approach to cyber security.
3. ISO 27001 – a widely recognised information risk management framework, this standard guides on selecting adequate controls to protect information.
4. ISO 22301 – for businesses looking to ensure continued operation during disruptions. This can help you identify critical assets and put in place processes and plans to keep those assets available in the event of an incident.
5. The Cloud Controls Matrix (CCM) – offers a controls framework that gives businesses a detailed understanding of cloud-related security concepts.
6. The NCSC Cyber Assessment Framework (CAF) – a comprehensive approach to assessing and improving an organisation’s cybersecurity posture to improve cyber resilience and demonstrate compliance with key industry standards.

Equip your business with Microsoft’s tools for cybersecurity

Microsoft Defender for Business is a highly effective cybersecurity solution that we recommend for partners and their customers. Available within Microsoft 365 Business Premium or as a stand-alone product, it’s comprehensive – protecting against ransomware, malware, phishing, and more, with automated alerts and threat investigation, as well as cross-platform functionality,

Easy to implement and cost-effective as part of Microsoft Business Premium, Defender has been specially built to bring enterprise-grade endpoint security to businesses with up to 300 employees in a solution that’s easy to use and cost-effective. It helps protect you against cybersecurity threats across Windows, macOS, iOS, and Android devices.

Best practice is our best defence

Cybersecurity is a perennial problem that isn’t going away, so while it’s essential we equip ourselves with the best practices and tools, it’s important to take a pragmatic, Zero Trust approach by assuming that breaches will happen.

Solutions are developed in reaction to threats, so there will always be an element of catching up and interim risk. Cybercriminals are evolving faster than technology, so the best practice is to keep yourselves informed through intY’s educational content and protected through our recommended solutions.