On the 23rd of February, we gathered a panel of security experts to host a cybersecurity showcase at the exclusive RSA Vaults in London. The panel included our own security leads Malcolm Barske (UKI Security Lead), Jason Revill (Global Cybersecurity CoE Lead), as well as Sarah Armstrong, Microsoft’s Chief Security Advisor for EMEA, and guest speaker Lauri Love, a black-hat hacker and British Cybersecurity and Hacking Expert.

The panel treated our audience to a live cyberattack simulation lead by our UKI Security Lead, Malcolm Barske. We discussed the global threat landscape and demonstrated the power of Microsoft’s security solutions. We also learnt how cybercriminals are gaining momentum and confidence. With the average weekly attacks per organisation worldwide reaching a staggering 1,130 a week, the question is, how do you protect against next-gen threats?

1. Follow a robust security framework
Cyber security frameworks are sets of guidelines, standards and best practices to help your organisation build and improve its cybersecurity posture. There are many frameworks in existence, all designed to not only help you be better prepared in identifying and detecting cyber-attacks, but also help you to respond, prevent and recover from cyber incidents.

The National Institute of Standards and Technology (NIST) framework is widely considered to be the gold-standard for building a cybersecurity program. It categorises all cybersecurity capabilities, projects, processes and daily activities across five core pillars – Identify, Protect, Detect, Respond and Recover. The framework helps you prioritise your cybersecurity investments and decisions, but what’s key is that you spread your security solutions across all five pillars and don’t, like a lot of organisations, put all your eggs in the Protect basket.

The Center for Internet Security (CIS) has also published benchmarks for Microsoft products and services including the Microsoft Azure and Microsoft 365 Foundations Benchmarks. CIS is a non-profit entity that draws on the expertise of cybersecurity and IT professionals from government, business, and academia from around the world. Its benchmarks are intended for customers who plan to develop, deploy, assess, or secure solutions that incorporate Azure, and provides prescriptive guidance for establishing a secure baseline configuration for Azure.

2. Automate
To successfully protect against today’s attacks, it is essential to incorporate automation into your cybersecurity efforts. Not only can automation help improve SOC operations' efficiency, consistency, scalability, and cost-effectiveness, but by implementing automated processes, organisations can improve their overall security posture and better protect themselves from cyber threats. Automation also reduces the mean time to respond and the reliance on skilled analysts to investigate and respond to common attacks, enabling them to focus on more sophisticated indicators of compromise.

3. Include signalling
Did you know there are 1 million new pieces of malware created each day, and malware accounts for 51 percent of breaches. Did you also know that once an attacker has gained a foothold in an environment it takes, on average, one hour and 12 minutes to achieve domain dominance? Microsoft’s Intelligence Security Graph brings together security intelligence from within Microsoft, security operations centers, and partners from around the world to form an ecosystem of integrated security solutions. Using machine learning, behavioural monitoring, and the scale of the Cloud, the Intelligent Security Graph helps you to better protect, detect and respond to threats quickly and comprehensively.

4. Single pane view
Having a “Single Pane of Glass” or unified view to visualise and understand the state of your cybersecurity posture is fundamental. A holistic view of your IT infrastructure, including all its security tools and systems, with continuous monitoring and alerting will ensure your business has enterprise wide visibility into all assets. Without that visibility, managing security is a complex, cumbersome and time-consuming task – and when time is of the essence, that’s something you can ill afford. Of course, visibility only increases complexity, so full visibility needs to be backed by robust and modern security operations, with a diverse set of skills across your security controls, security vendors and environment.

5. Educate users
Your organisation is only ever as secure as its weakest link. With the sophistication of today’s cybersecurity solutions, hackers are increasingly going straight to source and targeting employees to get them to unwillingly or unwittingly hand over their credentials. Bolstering your first line of defence i.e. training your employees on cyber awareness is therefore absolutely critical. But simply having a policy in place does not go far enough. Regular training that’s relevant and engaging (we advocate gamification!) or online forums where employees can share information will help prevent the likelihood of a breach caused by human error.

Do you have a robust cybersecurity strategy? Are you ready to respond to an inevitable attack? Get started today with a Security Baseline Workshop to understand where you are and where you need to go.