What is it about the middle of the night that brings our fears to the surface? For me, it’s the unknown dangers that may confront my young daughter and how I will protect her.
Fear of the unknown can also disrupt the sleep of a chief information security officer (CISO) who worries about the inevitable attack they have yet to discover. What will they do when the company is breached? Is the organization ready? How bad will it be? This is why we adopt an “assume breach” mindset. Organizations must prevent as many attacks as they can, but they also must be able to detect when a bad actor has made it past their defenses and be ready to act.
If you are suffering from sleepless nights, the Defend your digital landscape e-book may offer peace of mind. The e-book shows how Microsoft 365 can help you quickly reconstruct an attack timeline and improve your defenses. It focuses on a (fictitious) Security Operations team lead, Cathy, who uses Microsoft 365 Enterprise E5 products to prevent, detect, and respond to a breach.
Prevent a breach
Phishing campaigns continue to be one of the most popular methods that bad actors use to compromise an identity and gain access to an enterprise. Even as users have gotten smarter, the attackers have improved their tactics. Defend your digital landscape describes how you can use Microsoft 365 security to prevent employees from accessing links or attachments that are a likely threat, or better yet, block damaging emails from reaching them in the first place.
Detect a breach quickly to minimize impact
To uncover a breach, you need to identify when users behave atypically. Each of your users has “normal” behavioral patterns related to how and where they access your network and resources. Microsoft 365 security can monitor usage and behavior across a variety of tools and platforms to develop a baseline for what is “normal” for each user. Once it knows what’s normal, it will recognize when something atypical has occurred and initiate action. The Defend your digital landscape e-book provides several examples of how you can use this capability to automate a response.
Respond to security incidents
If you are coordinating between several different security products, it isn’t always easy to reconstruct an attack timeline. This is important because attackers may have compromised several users or endpoints before you detect them. The e-book provides clear examples of how Microsoft 365 products work together to help you correlate details and uncover what happened, so that you can rapidly respond and take back control.
As a parent, one of my jobs is to raise a child who is resilient in the face of setbacks. I can’t eliminate all threats, but I can teach my daughter how to respond and recover when things don’t go as planned. This basic survival concept also applies to security professionals.
To learn more, download the first three e-books in our series:
Also, stay tuned for the fourth e-book in our series, “Understand and improve your security posture,” which provides recommendations to help you build a strong security posture.
READ MORE HERE