Microsoft is helping build and improve cyber resilience through offering their unique vantage point to share their insights on how the threat landscape has evolved.
Over the last year, threats to digital peace have reduced our trust in technology and has highlighted the urgent need for improved cyber defences at all levels – Tom Burt, Corporate Vice President of Customer Security & Trust, Microsoft Digital Defence Report 2023.
“As the digital domain faces new and more threatening challenges, defenders are being driven to innovate and collaborate more closely than ever.”
For example, Russia’s use of cyberweapons as part of its hybrid war against Ukraine sparked sustained collaboration between Microsoft and Ukrainian officials to successfully defend against most of these cyberweapons.
Governments are imposing new legal and regulatory requirements for cybersecurity and while many of these are beneficial, they can also impose counterproductive conditions – such as requiring overly rapid reporting of cybersecurity incidents or establishing inconsistent or conflicting requirements across agencies or geographies.
“Close collaboration between public and private sectors to formulate, enforce and harmonise these requirements is crucial to improve global cybersecurity and foster innovation.” – Tom Burt.
Artificial technologies (AI) are set to become a major focus of regulators and industry. Microsoft expresses how we will “undoubtedly see attackers using AI as a tool to refine phishing messages, develop malware and enable other abuses of technology.” In the coming years, it’s expected that innovation in AI-powered cyber defence will help reverse the side of cyberattacks.
CSG provide support for setting up Microsoft 365 CoPilot – your new AI-employee alliance – which combines the power of large language models (LLMs) with your data in the Microsoft Graph and the Microsoft 365 apps to turn words into the most powerful productivity tool on the planet.
The Power of Partnership in Building Cyber Resilience
Microsoft Digital Defence Report highlights Microsoft’s belief that every individual and company around the world should be empowered to meet its security needs.
“Strength in numbers. Stronger together. Together we stand. Societies around the world recognise the benefits of collective behaviour. The power of multistakeholder partnerships in cybersecurity, too, cannot be ignored as we seek to answer the question, “What can we do to ensure a more safe and secure world for everyone on the planet?”
Collaborative efforts among stakeholders, including government agencies, private sector entities, academia, non-profits and other organisations, are crucial in building resilient defences against cyber threats – Microsoft Digital Defence Report 2023.
How can we protect against 99% of attacks?
CSG is your preferred IT partner, offering solutions and preventing cyber security attacks. Microsoft suggest adhering to these 5 security standards to protect yourself against over 99% of attacks.
Of course, we know that not every business owner or IT manager has the time to follow this advice, which is why using CSG as your cyber security partner can help protect you in 2024.
Enable multifactor authentication (MFA):
This protects against compromised user passwords and helps to provide extra resilience for identities.
Apply Zero Trust principles:
The cornerstone of any relicense plan is to limit the impact of an attack on an organisation. These principles are:
- Explicitly verify. Ensure users and devices are in a good state before allowing access to resource.
- Use least privilege access. Allow only the privilege that is needed for access to a resource and no more.
- Assume breach. Assume system defences have been breached and systems may be compromised. This means constantly monitoring the environment for a possible attack through using CSG’s support.
Use extended detection and response (XDR) and antimalware:
Implement software to detect and automatically block attacks and provide insights to the security operations software. Monitoring insights from threat detection systems is essential to being able to respond to threats in timely fashion.
Keep up to date:
Out-of-date systems are a key reason many organisations fall victim to an attack. Ensure all systems are kept up to date including firmware, the operating system, and applications.
Protect data:
Knowing your important data, where it is located, and whether the right defences are implemented is crucial to implementing the appropriate protection.
You can make the way you protect yourself against cyber attacks easier through using Microsoft’s Software-as-a-Service (Saas) and Platform-as-a-Service (PaaS) solutions via the cloud. Implementing security solutions like MFA or Zero Trust principles is simpler with hyperscale cloud because these capabilities are already built into the platform.
Some Copilot FAQs
-
How will Microsoft 365 Copilot services handle and protect my sensitive data and information? The permissions model within your Microsoft 365 tenant will ensure that data will not unintentionally leak between users and groups. Copilot presents only data that each individual can access using the same underlying controls for data access used in other Microsoft 365 services. Additionally, we do not use customer data to train or improve the large language models used to generate content. You can review Microsoft’s privacy policy and service documentation for more information.
-
Where can I learn more about Microsoft’s commitment to Responsible AI? As AI is poised to transform our lives, we must collectively define new rules, norms, and practices for the use and impact of this technology. Microsoft has been on a Responsible AI journey since 2017, when we defined our principles and approach to ensuring this technology is used in a way that is driven by ethical principles that put people first. Read more about Microsoft’s framework for building AI systems responsibly, the ethical principles that guide us, and the tooling and capabilities we’ve created to help customers use AI responsibly.
-
What level of controls will an admin have to manage these new features? We will be providing admins with technical documentation about available controls and policies prior to the broader roll out of these AI features.
-
Will I need to ensure that additional network service endpoints or protocols are allowed in order to access Copilot services? As we get closer to broader availability, endpoint documentation will be added to the guidance for Office 365 URLs and IP address ranges.
Contact the team at CSG today to learn more about how we can support you in 2024.