5 cybersecurity capabilities announced at Microsoft Ignite 2022 to help you secure more with less

Protecting your business against growing security threats is a huge priority. Companies of all sizes have increased their spending on cybersecurity solutions to protect their operations over the last year. User spending for the information security and risk management market will grow to USD169.2 billion in 2022, with a constant currency growth of 12.3 percent. The market will reach USD261.9 billion in 2026, with a constant currency growth of 11.1 percent (2021 to 2026).1 And though spending is increasing, cybercriminals aren’t going to slow down their attacks. The average cost of a data breach increased to USD4.35 million in 2022—an all-time high.2 With today’s economic uncertainty and ongoing talent shortages, organizations need comprehensive security that allows them to protect more without expending more.

Microsoft is committed to building a safer world together and helping you maximize the security you already have with your Microsoft investments. We’ve built a simplified and comprehensive security solution with six interconnected product families that protect your entire multicloud, multiplatform digital estate and leverage built-in threat intelligence from the 43 trillion signals we capture every day so you can catch what others miss.3 With Microsoft Security’s multicloud solution, you can simplify your approach to security through vendor consolidation and realize up to 60 percent cost savings.4 Essentially, you can do more with less.

We’re constantly looking for ways to bring more value and simplicity to our customers. At Microsoft Ignite, we announced five new innovations across our comprehensive portfolio so that you can confront the security threats you face. Customers with existing Microsoft 365 E5 licenses already have access to many of these resources—it’s simply a matter of turning them on. Keep reading for five ways you can do more—and secure more—with what you have in your security stack.  

Circle graph showing the six product lines under the multi-platform and multicloud Microsoft Security portfolio.

1. Build in your security from the start

To stay protected across clouds, start secure with cloud-native protection throughout the cloud application lifecycle. As my colleague Shawn Bice explains in his blog post on Microsoft Defender for Cloud innovations, cloud security requires a comprehensive approach and a centralized, integrated solution to mitigate risk from code to cloud.

Unfortunately, too often, cybersecurity and development teams within organizations operate entirely apart from each other. Applications may be deployed without first addressing security in code. This may cause security problems to be discovered right before deployment or, in many cases, in runtime. Development teams then must scramble to reconfigure or rebuild the application to address the security team’s findings, creating inefficiencies.

With more bad actors exploiting vulnerabilities in the code itself, it’s critically important to build in security from the beginning. Microsoft believes secure code development should be the industry standard. We’re introducing Microsoft Defender for DevOps, which empowers security teams to unify, strengthen, and manage DevOps security, so you can minimize vulnerabilities and cloud misconfigurations, and effectively prioritize and drive remediation in code across multi-pipeline environments.

We also announced the preview of Microsoft Defender Cloud Security Posture Management (CSPM) so your security teams can save time and remediate the most critical risks with contextual cloud security. New agentless scanning capabilities provide full coverage and real-time assessments across hybrid and multicloud environments. Then, Defender CSPM connects the dots for security teams, integrating insights from Defender for DevOps, Microsoft Defender External Attack Surface Management (EASM), and your workload protection solutions. Instead of sifting through long lists of vulnerable resources, customers can use the attack path analysis built on the cloud security graph to help reduce recommendation noise by up to 99 percent so you can identify the most critical risk on the most important cloud resources along potential attack paths.

With Microsoft Defender for Cloud, our integrated cloud-native application protection platform (CNAPP), you can seamlessly integrate security from development to runtime and accelerate threat protection across your multicloud environments. Get started today with the preview of these new innovations, available in the Microsoft Defender for Cloud dashboard, to gain comprehensive protection across clouds.

2. Build your trust fabric with flexible and secure access  

Building secure apps is just the start. After all, more people now work outside the office for at least a portion of each week. Some never go into the office at all. This—along with infrastructure as code and the rise in apps and clouds—have made organizations increasingly dynamic, so they need to build a trust fabric in their organizations that includes flexible governance without sacrificing protection.

At Ignite, we announced the preview of Microsoft Entra Identity Governance, which helps your organization ensure that the right people have the right access to the right resources at the right time. This release extends our earlier investments in converged identity governance and access management solutions and delivers a comprehensive identity governance product for both on-premises and cloud-based user directories.

The newly released capabilities include Lifecycle Workflows, which automate repetitive tasks and separation of duties in entitlements management to safeguard against compliance issues. These capabilities complement our existing governance features—access reviews, access certification, entitlement management, and privileged identity management. Customers can begin using these features immediately. Licensing terms will be announced with the general availability of Lifecycle Workflows.

Now, when you choose Microsoft Entra Identity Governance, you can simplify operations, support regulatory requirements, and consolidate multiple identity point solutions. Optimization through consolidation is a major way that organizations can do more with less. Be more efficient by unifying your tools. With Microsoft Entra Identity Governance, you can automate employee, supplier, and business partner access to apps and services—in the cloud and on-premises—at enterprise scale.

3. Decrease insider risk and prevent sensitive data from being shared

Protecting people and devices is not just about threats coming from the outside. Organizations need inside-out protection too. A Microsoft study on insider risks found that companies reported an average of 20 data security incidents a year, with 40 percent of those companies reporting a financial impact of USD500,000 or more per incident. To prevent this, companies must make sure their sensitive data isn’t being inappropriately shared—or even removed—by employees, unintentionally or not.

The report recommends evolving to a holistic insider risk management program that makes it easier to prepare for and mitigate these insider risks. That means deploying a solution that optimizes data protection strategy across the cloud, apps, and devices while reducing complexity—vital to doing more with less in compliance. To support your organization’s efforts to protect against insider risks and keep sensitive data protected, we’re growing the Microsoft Purview family of data governance, risk, and compliance solutions.

Microsoft Purview helps protect sensitive data all along its journey, from data source to point of consumption. We announced the general availability of Microsoft Purview Information Protection for Adobe Document Cloud, combining the power of native classification and labeling with the power of Adobe Acrobat to seamlessly secure PDFs. Also in preview are several new data loss prevention capabilities—including granular policy management and contextual evidence for policy matches on endpoint devices—to prevent the unauthorized sharing or transfer of sensitive data. All of these new capabilities can be enabled in the Microsoft Purview compliance portal by customers with a Microsoft 365 E5 license or with the standalone Microsoft 365 E5 Compliance suite.

4. Manage securely across platforms and clouds

To help protect sensitive data, strong security against both external threats and insider risks relies on well-managed endpoints. In April 2022, we announced a plan to launch a series of premium endpoint management solutions to help bolster endpoint security, improve user experiences, and reduce the total cost of ownership. This suite will bring together mission-critical endpoint and security management tools in Microsoft Intune, our cloud-powered unified management solution, and will help protect endpoints in the cloud, on-premises, and across device platforms.

We have committed to innovating in advanced compliance and advanced security. The evolution of our advanced endpoint management plan is another step in providing a comprehensive solution. The suite will include capabilities such as endpoint privilege management, intelligent automation and data insights, remote help, and automated app patching. All these capabilities will be based on Microsoft Intune so you will benefit from our unified console and integrations with our entire security stack: Microsoft Azure Active Directory (now part of Microsoft Entra), Microsoft Defender, Microsoft Priva, and more. Customers with either a Microsoft 365 E3 or E5 license will be able to take advantage of the new suite once it launches in March 2023.

We’re also excited to announce that Microsoft Intune is now the new name for our expanding family of endpoint management products. We remain committed to our customers using Microsoft Configuration Manager and will meet you where you are in your journey to cloud management. Because hybrid work is here to stay, we will continue to deliver more value for better outcomes, better experiences, and simplified IT and security operations through our cloud solutions.

5. Protect at machine speed

We all know that endpoints are by no means where security stops. We are introducing the preview of automatic attack disruption in Microsoft 365 Defender, which helps protect organizations at machine speed where it all comes together—in the security operations center (SOC). Using the power of extended detection and response (XDR), Microsoft 365 Defender—available in a Microsoft 365 E5 license—correlates trillions of signals across identities, endpoints, email, documents, cloud apps, and more to detect in-progress attacks like ransomware and financial fraud. Automation enables you to be more effective by helping you detect and respond faster and more accurately to external attacks and insider risks.

Once an attack is detected in the environment, affected assets like compromised identities and endpoints are automatically isolated. This game-changing capability limits lateral movement and reduces the overall impact of an attack while leaving the SOC team in control of investigating, remediating, and bringing assets back online.

In addition to attack disruption, we’re going even further to help make your teams’ lives easier. We’ve simplified the investigation experiences in both Microsoft 365 Defender and Microsoft Sentinel to expedite incident response and help defenders stop breaches faster. We do this by reducing context switching.

Besides simplifying investigation experiences, we’re also introducing a new unified search experience and low-cost options of voluminous log storage to enable SOC teams to quickly search massive volumes of historic data. For more hands-on assistance, customers also can now get expert guidance and accelerate their migration to Microsoft Sentinel with Microsoft Sentinel Migration and Modernization Program.

Customers tell us that our tools that support the efforts of their security teams are incredibly valuable. Consider the story of Webber Wentzel, a leading law firm in South Africa. “Security professionals often become disillusioned and disheartened by their work,” said Warren Hero, Chief Information Officer of Webber Wentzel. “With the Microsoft security ecosystem, we now have opportunities for our people to engage in less tedious, more meaningful work while accelerating our security capabilities.”

Endpoint protection for 50 percent less

We know that doing more with less is not just about innovation. It’s also about access. That’s why we are excited to announce a new, limited-time offer to help organizations adapt more easily to the growing threat landscape and macroeconomic pressures. Starting on November 1, 2022, we are giving new and existing customers 50 percent off Microsoft Defender for Endpoint P1 and P2 licenses. This gives organizations looking to modernize their security portfolio the opportunity to move away from legacy antivirus solutions. This is the first step to an integrated security information and event management (SIEM) and XDR solution that improves visibility across identities and endpoints, so they can be more unified and increase SecOps efficiency.

Speaking of efficiency, maximizing the value of your current investments is a fantastic way to operate more efficiently. One of your biggest investments is your people. We can help you educate your employees by providing access to free online security training during Cybersecurity Awareness Month. This free training is available on our Cybersecurity Awareness Month website, along with other resources.

If all these innovations didn’t make it clear, we are absolutely committed to working with defenders and want to give you every tool and resource possible to support your organizations. Our more than 785,000 customers in 120 countries motivate us to maximize value for them by combining six product families into a comprehensive security approach that offers simplified management and built-in threat intelligence that harnesses inputs from 43 trillion signals we process and learn from every single day.3 Do more with whatever you’re already benefiting from, and we’ll continue to strengthen the security of our platform and applications so you can be confident about the security of your data centers and services. To learn more about our innovation announcements, watch the Microsoft Security keynote delivered at Microsoft Ignite 2022.

Learn more

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.


1Gartner® Forecast: Information Security and Risk Management, Worldwide, 2020-2026, 3Q22 Update.  September 28, 2022. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. 

2Cost of a Data Breach , IBM. 2022.

3Cyber Signals, Microsoft. 2022.

4Savings based on publicly available estimated pricing for other vendor solutions and web direct and base price shown for Microsoft offerings.​

READ MORE HERE