When systems are attacked, we should respond. But how much better would it be if we could anticipate attacks before they strike and stop them with a proactive defense?
Faced with today’s cybersecurity challenges, that is no simple task.
“It’s a cat-and-mouse situation. AI is changing the speed and sophistication of attacks, and AI is making phishing and social engineering attacks, thanks to deep fakes, harder to detect,” said Kevin McCall, director, cybersecurity, risk, and regulatory at PwC US, speaking during a webcast titled, “From Risk to Resilience: Building a Smarter Cloud Security Strategy.”
McCall also warns of a “supply chain” of cybercrime consisting of ransomware-as-a-service, as well as threats embedded in developers’ toolsets.
“Once an attack has occurred, the average time to reduce exposure is 58 days,” noted fellow webinar panelist Nidhu Nalin, principal, cybersecurity, risk, and regulatory at PwC US. A lot of bad things can happen during the nearly two months when malware is on the loose and cyber thieves have access to corporate systems. That’s why being proactive — detecting and preventing threats, rather than reacting to them — is so important.
“Being proactive requires efficient automation. It also requires an integrated platform providing a single pane-of-glass view of the environment, with well-designed, tested, and optimized mechanisms to respond and recover,” said Nalin.
Automation is also important to help overcome the chronic cybersecurity talent gap. “As AI fuels faster and more sophisticated attacks, relying on staff alone can prolong the detection and prevention of threats,” said Nalin.
Being proactive sounds great, but it doesn’t happen overnight. Multiple disciplines are required, and they should work together. Littus Dsouza, senior product manager at Microsoft, said cybersecurity leaders should focus on these priorities:
- Defense in depth with layered security controls
- Zero trust, leveraging access controls to never trust but always verify
- Multicloud infrastructure to reduce risk and provide redundancy
- Security by design that “shifts left” to start and stay secure
- Exposure management and attack-path mapping to reduce risk by understanding misconfigurations and vulnerabilities
What’s the answer?
Microsoft Defender for Cloud is a suite of security products, integrated with other Microsoft products as well as third-party applications, that helps enterprises achieve these goals. Because it automates investigation and response, it helps organizations respond quickly while mitigating the need for a large, highly trained staff.
Dsouza noted that Defender for Cloud draws on Microsoft Threat Intelligence, analyzing over 80 trillion signals daily — information that tells cybersecurity leaders what is coming. “Microsoft Defender for Cloud transforms security from reactive to proactive by helping organizations anticipate and prevent attacks with continuous monitoring and automated response,” said Dsouza. Defender for Cloud isn’t only for Azure — it can safeguard workloads across AWS, Google Cloud, and on-premises environments from a single dashboard.
PwC works with Microsoft to help organizations implement Defender for Cloud. “PwC helps enterprises design and implement tailored security architectures, enhance multicloud posture, and align security with business goals,” said Dsouza.
Those efforts paid off for one Fortune 500 company. PwC helped deploy Defender for Cloud across the organization during a data center migration. Integration with Microsoft 365 and Azure centralized endpoint policy configuration to confirm consistent security across the overall organization, said Nalin.
With bad actors arming themselves with AI, Defender for Cloud and PwC aim to keep you a step ahead. Said McCall, “If you’re not using automation, you’re falling behind.”
View the full webcast. For a deeper dive into Microsoft Defender for Cloud, PwC services, and cybersecurity leading practices, visit: www.pwc.com/us/microsoftcyber