
A billion ways to improve your Cyber Security

Key Takeaways

  • Capitalise on Microsoft's billion dollar annual cyber security investment to reduce your risk

  • Learn how you can increase your operational efficiency through automated threat mitigation while enabling your teams with secure collaboration

  • Read on to see Microsoft Defender for Cloud in action and learn how to simplify complex Security Orchestration problems

  • Improve the efficiency of your teams by introducing ArchTIS NC Protect and enable Secure Collaboration

Let's agree on one thing - we're not all exactly rushing to get back to the office, are we? And that presents an ongoing challenge for IT leaders and security technologists.

While much has changed in recent years, many things have stayed the same and remote work will look similar for some time.

Yet we still need to do our jobs, remotely for the most part, and as CISOs and CIOs we need more than ever to ensure that our teams and our organisation have access to the data, apps and services required to do our jobs - and this must not degrade our security posture or increase our risk.

And just to make things a little more colourful, according to the Australian Cyber Security Centre, 90% of companies listed on the ASX have experienced a data breach, while cyber security and data security incidents have increased 13% during COVID. The cost to Australian businesses now stands in excess of $33 billion annually.

The stakes have risen.

A recent Microsoft survey of decision-makers asked respondents what their top security concerns are, topics they are most interested in, and what their investments look like for 2022.

To hear from Microsoft about their Security best practice guidance including reference architectures, download the Zero Trust Whitepaper, detailing their learnings from real world case studies over the past 5 years.

As the C-suite begins to move from stemming the bleeding of the past two years, to forward thinking again, no longer can cyber security be bolted on. It must form a central piece of our digital strategies and one of the many challenges before CISOs and CIOs is convincing the exec team that the threat is real and present when a breach is yet to be detected.

And believe me, we are all under attack, every day.

(Check out the honey pot environment we set up last year to see just how swiftly we came under attack).

So while the top objectives for the C-suite in 2022 remain improving operational effectiveness, transforming digital estates and creating a data-driven organisation, cyber security must be at the forefront of these discussions.

While acknowledging the increase in intelligence and sophistication of attacks from threat actors, leaders must ask themselves, how can I continue to enable the organisation, while doing so in a secure and effective manner, against a backdrop of evolving cloud technology and evolving threats?

It's quite the challenge!

Analysts tell us that data is being created at a rapidly increasing rate. It is anticipated that by 2035 there will be over 30 billion connected devices on the internet and IoT, producing over 175 zettabytes of data. One of our many jobs as technology leaders is to ensure that we secure not only the devices (or limit the attack surface) but also the data within our estates.

To level the playing field we must view the traditional approach to security - of locking down the perimeter - as no longer the panacea it once was. We must assume a breach. This requires a shift in thinking and a move towards a Zero trust mentality.

To underscore the need for Zero Trust, cyber crime research tells us that the average threat actor is inside a corporate environment for over 100 days before pulling the trigger and sending you down the rabbit hole.

A MITRE ATT&CK kill chain (image below) shows that the typical method of entering an environment is via an insecure device or credential theft. Actors then move laterally, upgrading their credentials, understanding your environment and critical data, and waiting for the right time to attack (such as launching a ransomware attack).

For further discovery on what a kill chain looks like, check out this Microsoft Mechanics video, which explains a typical attack campaign.

So if we assume a breach, what comes next? We need to ensure that the data is protected from access and loss. Microsoft provides some terrific security features built into Azure and Azure AD to protect assets and data, such as IAM policies in AAD and Azure across subscriptions and resource groups, MFA to mitigate identity incidents, and role-based access control (RBAC) to prevent unauthorised access to files and folders.

However, if an actor can move laterally and increase their permissions, this makes IAM and RBAC somewhat redundant.

The question remains, how do we provide the best secure collaboration experience for our organisation without creating complex barriers to productivity?

Attribute Based Access Control (ABAC)

ABAC is a further layer on top of RBAC and IAM policies. ABAC policies use metadata to ensure that the right file, document or data is accessed only by those who have the right permission, device profile and from approved locations, controlling how the data is presented. ABAC provides another layer of defence against encryption, loss or unauthorised access and in a zero trust environment ABAC provides a compelling tool to help minimise damage and buy us time to respond, when under attack or at risk of data exfiltration.
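How an attribute check layered on a role check changes the outcome for a hijacked account, as an added example that is not from the original article or from any vendor's product. The attribute names, sensitivity labels, approved locations and presentation modes (`full`, `read_only`, `redacted`, `deny`) are assumptions made for illustration.

```python
from dataclasses import dataclass

# Hypothetical attribute model; every name and value here is constructed.
@dataclass(frozen=True)
class Request:
    role: str               # what RBAC has already granted the account
    clearance: int          # user attribute
    device_compliant: bool  # device profile attribute
    country: str            # location attribute

@dataclass(frozen=True)
class Document:
    label: str              # sensitivity label carried in document metadata
    allowed_roles: frozenset

MIN_CLEARANCE = {"public": 0, "internal": 1, "confidential": 2}
APPROVED_COUNTRIES = {"AU", "NZ"}  # constructed list of approved locations

def rbac_allows(req: Request, doc: Document) -> bool:
    """Role check only: the layer an escalated or stolen role defeats."""
    return req.role in doc.allowed_roles

def abac_decision(req: Request, doc: Document) -> str:
    """Return how the document may be presented: deny, redacted, read_only or full."""
    if not rbac_allows(req, doc):
        return "deny"
    if doc.label not in MIN_CLEARANCE:           # unlabelled data fails closed
        return "deny"
    if req.clearance < MIN_CLEARANCE[doc.label]:
        return "deny"
    if doc.label == "public":
        return "full"
    if req.country not in APPROVED_COUNTRIES:    # location attribute
        return "deny" if doc.label == "confidential" else "redacted"
    if not req.device_compliant:                 # device attribute
        return "read_only"
    return "full"

def demo() -> dict:
    secret = Document("confidential", frozenset({"finance-admin"}))
    memo = Document("internal", frozenset({"finance-admin"}))
    return {
        "managed device, approved location": abac_decision(Request("finance-admin", 2, True, "AU"), secret),
        "unmanaged device": abac_decision(Request("finance-admin", 2, False, "AU"), secret),
        "internal memo, unapproved location": abac_decision(Request("finance-admin", 2, True, "ZZ"), memo),
        "hijacked role, unapproved location": abac_decision(Request("finance-admin", 2, False, "ZZ"), secret),
    }

if __name__ == "__main__":
    for scenario, outcome in demo().items():
        print(f"{scenario}: {outcome}")
```

The last scenario is the one the role check alone would have allowed: the account holds the right role, yet the device and location attributes turn the request into a denial.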

Further to this, ABAC reduces the threat of insider risk (be it malicious or careless) by implementing data loss prevention (DLP) policies to stop the unauthorised removal of data and documents.

ArchTIS is a solution provider that offers ABAC in addition to a secure reader, custom granular policy control, document redaction (a further layer for sensitive material in case it is stolen or accessed) and watermarking. What's more, there is no forklift required to integrate with Microsoft Teams (including channel controls), Outlook, Azure, Database, SharePoint, Dropbox and many more. The introduction of ABAC is a seamless, unified user experience that enhances the security of the common tools mentioned above – even going as far as providing Teams channel controls for users outside your organisation beyond what is available in the Teams administrative portal.

However before we reach the promised land of Secure Collaboration, there is some plumbing we must attend to first.

Microsoft Defender for Cloud

Microsoft Defender for Cloud is Microsoft's multicloud and hybrid extended detection and response (XDR) solution, designed to help with infrastructure protection and data security, assisting organisations to rapidly improve the security posture of the digital estate.

Additionally, Defender for Cloud provides quick pathways to remediation of risks and baselines compliance levels against global and industry standards such as NIST, CIS, PCI and more locally, APRA amongst many others. This information is then presented as an easy to consume Secure Score, that provides an at-a-glance scorecard of how your security posture looks and outlines actions to take for reducing risks.

With Azure being built from the ground up with security front of mind, it makes sense that Microsoft provides one of the most comprehensive and one of the best Azure security solutions in the market today. As a first step to improving your security posture and awareness, introducing Microsoft Defender for Cloud will help address the following challenges:

  • Gaining a complete understanding of your rapidly changing and complex cloud workloads

  • Identifying, remediating and protecting against increasingly intelligent and sophisticated attack campaigns (emphasis on the word campaign - MITRE ATT&CK kill chains are lengthy)

  • Limiting the entry point for an enterprise grade security solution, helping address the dearth of security skills which has been exacerbated by COVID

  • Providing deep and holistic insights to assist with convincing executive teams of the focus and investment required to remain proactive and vigilant against cyber security threats.

Once we have an understanding of our posture and have performed a basic risk assessment, we can begin our journey towards secure collaboration, which ultimately drives increases to operational efficiency and productivity.

Azure Purview and AIP are two tools available today to help secure Azure and your data through identification and labelling of sensitive and critical data and intellectual property. These tools assist with scanning structured and unstructured data sources to help us assess, identify and label our data no matter where it resides.

As we move towards a zero trust and secure collaboration world, introducing ABAC controls and policies will further enhance our defences for sensitive data and documents, allowing the right user access from the right device and location through the correct channels.

The benefits of ABAC are extremely tangible, with a clear ROI that will:

  • Provide deep insight into all data repositories across your entire estate

  • Reduce reputational risk and risk of litigation through fine grained policy definition, redaction, secure readers and auditing controls

  • Improve security posture, ensuring the right people, from the right device and location have access to the correct data

  • Enable users to further leverage the tools they are already familiar with such as Teams, SharePoint, OneDrive and others, without reducing your security posture or introducing complex barriers for data access

  • Reduce duplication of licencing and functionality (feature parity and overlap) by securely extending the use of the 365 suite and reducing the requirement for dedicated DMS and collaboration tools

As we continue to fight the good fight against cyber criminals and threat actors, the game is changing. Through Microsoft's annual billion dollar investment in security (which was recently quadrupled to $20B over the next 5 years), the Australian mid-market can capitalise on this and bring the power of enterprise grade security tools to every Australian business - at a price point that makes sense.

Furthermore, there is a wealth of information provided through the collaboration with Microsoft and Wrive, presented in easily digestible format, that helps your team enhance their cyber security knowledge and awareness, further building your capabilities and resiliency.

Intelligent, zero trust, cyber security coupled with secure collaboration are two approaches to security that help keep our environments and data safe from threats while maximising usability for our organisation.

At Wrive, we assist our clients to lay the foundation for a Secure Collaboration environment by first providing a detailed understanding of their estate's security posture through our free 30 day cyber security risk assessment utilising Microsoft Defender for Cloud. This assessment is across hybrid cloud (on-prem) and multicloud (AWS, GCP) environments and provides detailed information to help technology teams understand their risks and take immediate action.

Even those organisations with a mature security practice can stand to benefit from an end-to-end solution with broad multi-cloud and multi-platform coverage and deep, industry-recognized protection.

To take advantage of Wrive's free security assessment offer and begin to improve your security posture in under 15 minutes, book your session with our security architecture team today.


To find out more about how ABAC can help improve your frontline security of data, check out our datasheet.

To understand more about how Defender for Cloud can improve your security posture in under 15 minutes, check out our case studies, whitepapers and blogs in our newsroom.

To see Defender and ArchTIS in action, register for our upcoming webinar.
