Connect with us

Hi, what are you looking for?

HEADLINES

Microsoft defines digital threat landscape, advocates for stronger defense and resiliency in PH

The report shares unique insights on impending digital threats from over 130 Microsoft experts and contributors, offers real-world guidance, and outlines crucial actions that can help improve cybersecurity and resiliency across ecosystems and industries.

Cybersecurity has become a complex and critical imperative today and the need for improved cybersecurity and resiliency has driven governments and organizations the world over into a complex race to adapt and respond to threats, in order to continue providing critical services for the wellbeing and safety of their citizens. In response, Microsoft recently released its Microsoft Digital Defense Report 2022, which dives into today’s most relevant and pressing cybersecurity issues and examines the evolving global threat landscape.

The annual report was first released by Microsoft in 2020, drawing on the company’s unique vantage point on security. With billions of global customers, Microsoft is able to aggregate security data from over 1.4 billion devices powered by Windows worldwide and 43 trillion signals and threats analyzed daily. These factors, along with a $20 billion investment in cloud security over the next five years, gives Microsoft a high-fidelity picture of the current state of cybersecurity. The report shares unique insights on impending digital threats from over 130 Microsoft experts and contributors, offers real-world guidance, and outlines crucial actions that can help improve cybersecurity and resiliency across ecosystems and industries.

Understanding the state of cybercrime

Cybercriminals continue to act as sophisticated profit enterprises. Attackers are finding new ways to implement their techniques, increasing the complexity of how and where they host campaign operation infrastructure. Microsoft’s report highlights two of the most rampant cyberattacks, ransomware and phishing, then puts them into the context of nation state threats.

Organizations worldwide have experienced a steady growth in ransomware attacks beginning in 2019. However, law enforcement operations and geopolitical events in the last year had a significant impact on cybercriminal organizations. In the last year alone, the number of estimated password attacks per second increased by 74%. Many of these fueled ransomware attacks, leading to ransom demands that more than doubled.

Advertisement. Scroll to continue reading.

At the same time, there has been a steady year-over-year increase in phishing emails. The shift to remote work in 2020 and 2021 saw a substantial increase in phishing attacks aiming to capitalize on the changing work environment. Phishing attacks—a common entry point for most cyberattacks—have increased by over 300% worldwide, with over 710 million phishing emails blocked weekly in 2021 alone.

The two cyberattacks are only amplified by nation state threats—cyber threat activities that originate in a specific country with the apparent intent of furthering national interests. In recent years, nation state threats have caused growing tension between countries, which further drives the importance of strengthening cybersecurity postures. Microsoft underscores that nation state groups’ targeting of critical infrastructure increased by 40% in the past year alone, with actors focusing on companies in the IT sector, financial services, transportation systems, and communications infrastructure.

“Cybercrime has grown more intricate over the years. We are seeing attacks that are much faster, more deliberate, and smarter,” said Abbas Kudrati, Chief Cyber Security Advisor of Microsoft Asia Pacific. “The trillions of data signals we analyze from our worldwide ecosystem of products and services reveal the ferocity, scope, and scale of digital threats across the globe. Microsoft is taking action to defend our customers and the digital ecosystem against these threats, and throughout the Digital Defense Report we offer our best advice on the steps individuals, organizations, and enterprises can take to defend against these increasing digital threats..”

Establishing good cyber hygiene and strengthening infrastructure security

Insights from the Microsoft Digital Defense Report 2022  make it clear that to minimize risks and losses, governments and organizations must first have a solid cyber resiliency foundation.

Advertisement. Scroll to continue reading.

“Given the increase of rampant cyberattacks, we cannot guarantee 100% security against cybercrime. However, we need to start thinking about how we can create a more resilient environment,” said Kudrati. “Organizations need to develop a plan that focuses on minimizing the impact and improving recovery time against attacks. It is crucial for them to find the right technology to keep them protected and resilient.”

Microsoft emphasized the importance of adherence to basic security practices and behaviors—enabling multi-factor authentication, applying security patches, being intentional about privileged s, and deploying modern security solutions from any leading provider. The average enterprise has 3,500 connected devices that are not protected by basic endpoint protections, and attackers take advantage.

It is also critical to detect attacks early. In many cases, the outcome of a cyberattack is determined long before the attack begins. Attackers use vulnerable environments to gain initial access, conduct surveillance and wreak havoc by lateral movement and encryption or exfiltration.

Finally, as this year’s report explores, bridging the security skills gap and increasing the security professional population must be addressed by the private sector and governments alike—and organizations need to make security a part of their culture.

Building a safer and more resilient cyberspace for the Philippines

Advertisement. Scroll to continue reading.

In recent years, Microsoft has worked closely with the Philippine government to activate a number of policies and frameworks such the Critical Infrastructure Protection Act proposed by the Senate, DICT’s Cloud-First Policy and an AI Governance Framework to ensure the responsible use of artificial intelligence across both public and private sectors.

As the new Philippine administration looks towards refreshing the National Cybersecurity Plan alongside its prioritization of digital acceleration, Microsoft is partnering with national government agencies to build a safer cyberspace for the nation and its citizens. The massive number of signals it receives and analyzes allows Microsoft to assess the threat landscape and provide data-driven insights to support the development of Philippine policies on cybersecurity.

“The Philippines ranked 61st to of 194 countries in the ITU Global Cybersecurity Index. If you probe a bit deeper, one of the pillars we need to improve on the most is organizational measures, which refers to the nation’s cybersecurity strategy and its implementation,” said Dale Jose, National Technology and Security Officer of Microsoft Philippines, “It is more crucial than ever to develop a better cyber defense posture in the country as it is fundamental to establishing stronger grounds for digitalization. Now, we put the MDDR into the Philippine context and discuss action points the government must prioritize in order to prepare for, respond to, and recover from cyberattacks and security breaches.”

For this, Microsoft’s policy recommendations for the Philippine government include:

  • Assessing the feasibility of adopting zero trust principles
  • Protecting the country’s critical through consistent security baselines
  • Strengthening incident response and recovery through a reporting obligation
  • Building interoperability and cooperation to address the growing threat of cybercrime;
  • Advancing information sharing for cybersecurity deference and response
  • Leveraging hyperscale cloud technology to improve cybersecurity and operational resiliency
  • Fostering enhanced supply chain security
  • Enhancing cybersecurity transparency and assurance through certifications and labels
  • Strengthening the Internet of Things (IoT) security
  • Responding to new and ongoing AI security risks and opportunities
  • Advancing 5G infrastructure security

Microsoft is also joining hands with its customers, partners and communities to foster collaboration, share knowledge and further build strength in security for organizations nationwide. Most recently, Microsoft partnered with the Information Security Officers Group (ISOG) to dive into the findings of the Microsoft Digital Defense Report 2022 for the C-level and security experts in their community.

“Microsoft has been a partner to the Philippines for nearly thirty years and we will continue to do so even as technology evolves and changes the world we live in. We are committed to helping organizations work towards a more secure and resilient future,” said Jose.   Microsoft also releases a quarterly cyberthreat intelligence brief called Cyber Signals, which offers an expert perspective into the current threat landscape, discussing trending tactics, techniques and strategies used by the world’s most prolific threat actors. As such, it is a valuable resource to Chief Information Security Officers, Chief information Officers, Chief Privacy Officers and their teams as they evolve technologies, policies and processes. 

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

This all-EV fleet, launched in partnership with local operator EV Taxi Corp, begins operations in key Metro Manila hubs including Makati, Taguig, Pasig, Mandaluyong,...

HEADLINES

Global operators and tower companies are facing a wide range of energy challenges. The communications industry consumes 2.5% of the world's electricity, with base...

HEADLINES

The HP AI Accelerator fits in a range of HP devices including the HP Engage One Pro G2, HP Engage Flex Pro G2, and Pro-C G2, and...

HEADLINES

This solution underpins the importance of cross-industry collaboration and teamwork to support people with diabetes in their daily lives and the provision of healthcare.

HEADLINES

PLDT and Smart provided communications support to the bootcamp and to the conference delegates. This aligns with THINKaMuna Pilipinas – the MIL initiative in...

HEADLINES

Powered by HP’s inkjet technology, Duo combines the capabilities of the D300e Digital Dispenser and the Uno Single Cell Dispenser, delivering a major advancement in speed and...

HEADLINES

In 2024 alone, Apple stopped over $2 billion in potentially fraudulent transactions and blocked nearly 2 million risky app submissions from reaching users.

HEADLINES

New drug pooling and interoperability enhancements enable sponsors and CROs to control drug inventory across various clinical trials simultaneously using the same investigational product.

Advertisement