At a news conference on Monday, Microsoft announced several new intelligent security tools and technologies to help enterprises more easily secure their data and networks against today’s biggest threats as well as address emerging threats aimed at IoT and edge devices. These new solutions build on Microsoft’s longstanding approach to delivering innovation that customers and partners can build upon to strengthen the broader ecosystem against cyberattacks from the cloud to the edge.
“As last year’s devastating cyberattacks demonstrated, security threats are evolving and becoming even more serious,” said Brad Smith, president of Microsoft. “The tech sector’s innovations need to accelerate to outpace security threats. Today’s steps bring important security advances not just to the cloud, but to the billions of new devices that are working on the edge of the world’s computer networks.”
Securing a new generation of connected devices: announcing Azure Sphere
Microsoft is harnessing the power of the intelligent cloud to address emerging threats against a new class of connected devices, those relying on a chip the size of a thumbnail called a microcontroller unit (MCU). MCU-powered devices are already the most populous area of computing with roughly 9 billion new devices every year. They are found in everything from toys and household appliances to industrial equipment — and attackers are starting to target them.
To bring security to this next generation of connected devices, Microsoft is introducing Azure Sphere, the industry’s first holistic platform for creating highly secured, connected MCU devices on the intelligent edge. Featuring an entirely new class of MCUs with more than five times the power of legacy MCUs, an OS custom built for IoT security, and a turnkey cloud security service that guards every Azure Sphere device. With Azure Sphere, Microsoft extends the boundaries of the intelligent edge, to power and secure an entirely new category of devices.
“As our homes become more connected, we place significant value on the security of connected devices, so we can focus on continuing to deliver an exceptional customer experience,” said Brian Jones, director of Product Strategy and Marketing at Sub-Zero Group Inc. “Microsoft’s approach with Azure Sphere is unique in that it addresses security holistically at every layer.”
Microsoft 365 Intelligent Security Solutions: Simplifying Security
As security threats become more complex, companies are increasingly finding that the intelligence and threat protection tools they need to remain a step ahead of attackers are in the cloud. Today, Microsoft introduced several new intelligent security features for its Microsoft 365 commercial cloud offering designed to help IT and security professionals simplify how they manage security across their enterprises:
Advanced tools that make it easier to prevent threats before they happen
• To help teams stay prepared and ahead of threats, Microsoft today released Microsoft Secure Score and Attack Simulator. Secure Score makes it easier for organizations to determine which controls to enable to help protect users, data and devices by quickly assessing readiness and providing an overall security benchmark score. It will also let organizations compare their results to those with similar profiles using built-in machine learning. Attack Simulator, a part of Office 365 Threat Intelligence, lets security teams run simulated attacks — including mock ransomware and phishing campaigns — to event-test their employees’ responses and tune configurations accordingly.
Automated threat detection and remediation to free up security operations teams
• With the latest Windows 10 update, now in preview, Windows Defender Advanced Threat Protection (ATP) works across other parts of Microsoft 365 to include threat protection and remediation spanning Office 365, Windows and Azure. Also available today in preview, and with the upcoming Windows 10 update, are new automated investigation and remediation capabilities in Windows Defender ATP, leveraging artificial intelligence and machine learning to quickly detect and respond to threats on endpoints, within seconds, at scale.
• Conditional Access provides real-time risk assessments to help ensure that access to sensitive data is appropriately controlled, without getting in the way of users’ productivity. Microsoft 365 is now adding the device risk level set by Windows Defender ATP to Conditional Access in preview to help ensure that compromised devices can’t access sensitive business data.
Stronger partnerships to give customers more integrated solutions.
• The intelligence data used to quickly detect and respond to threats improves as more relevant signals are added. Machine learning tools are only as good as the data they receive. Microsoft’s security products are informed by the trillions of diverse signals feeding into the Microsoft Intelligent Security Graph. Today, Microsoft announced a preview of a new security API for connecting Microsoft Intelligent Security Graph-enabled products as well as intelligence from solutions built by customers and technology partners to greatly enhance the fidelity of intelligence.
Most security tools report an attack from a single limited perspective, offering insight into one piece of a potentially larger threat. By connecting individual tools to the Intelligent Security Graph, security teams get new perspectives and more meaningful patterns of data to speed up threat investigation and remediation. The new API is in early testing with a select group of cybersecurity industry leaders that are collaborating with Microsoft to shape its development. The group, which includes Anomali, Palo Alto Networks and PwC, joined Microsoft today to share their own early exploration of the API and how it may improve each company’s ability to protect their mutual customers.
• Microsoft also is announcing a new Microsoft Intelligent Security Association for security technology partners so they can benefit from, and contribute to, the Intelligent Security Graph and Microsoft security products. Members of the association will be able to create more integrated solutions for customers that provide greater protection and detect attacks more quickly. Palo Alto Networks and Anomali join PwC and other existing partners as founding members of the new association.