by Keshav Dhakad, Regional Director, Digital Crimes Unit, Microsoft Asia
With more than 1 billion people in the Asia Pacific online and more people and businesses using multiple devices to stay connected to the Internet, cybercrime threats to security and privacy are rising and increasingly becoming more malicious and dangerous than ever before in our mobile-first, cloud-first world.
In fact, over the past six to eight years, there has been a progressive increase in the level of sophistication and stealth in which cybercriminals now operate to attack companies, governments and consumers. Highly automated, organized and concealed, they have leapfrogged how companies and organizations have traditionally been defending themselves and lack insights to anticipate modern day attacks. With large corporations and key government agencies being infiltrated, the rise of these online threats is the reflection of the convergence between internal IT environments and its extensive connection to the external world through mobile devices, supply chains, market places, vendors, customers, where any of the end points is a potential source for a cyberattack.
Based on estimates, cybercrime costs the global economy an estimated market value of US$3 trillion[1], with 71 percent of companies admitting they fell victim to a successful cyberattack in 2015.[2] Moreover on average, it typically takes companies over 200 days for them to find out that they have been compromised. One latest cybersecurity study indicated that the median-days in Asia-Pacific to detect a threat from the time of compromise/intrusion is over 500+ days[3], which is very grave situation for the region as a whole.
Why are companies not able to respond to such cyberattacks? We notice that there are quite a few common IT environment issues: Outdated, unprotected or non-genuine IT assets; lack of regular management and maintenance of IT systems; poor cyber hygiene of users and negligent employee behaviour; lack of big-data culture and data classification; and the inability of companies to monitor, detect and remove cyber threats in a timely manner.
What many people may not be aware of is that Microsoft invests US$1 billion annually just on cybersecurity. We are also the largest anti-virus and anti-malware service globally and one of the highest spenders in cybersecurity R&D. This investment allows us to continuously evolve in how we protect, detect and respond to security threats. These three commitments – Protect, Detect and Respond – define our approach to combating cybercrime and making customers and partners safer.
Microsoft’s first line of defence is to protect all endpoints, sensors, datacenters and devices to keep them secure. For instance, the Windows 10 Defender Advanced Threat Protection (ATP) helps enterprises to detect, investigate, and respond to advanced attacks on their networks. With a combination of client technology built into Windows 10 and a robust cloud service, it will help detect threats that have made it past other defences, provide enterprises with information to investigate the breach across endpoints, and offer response recommendations.
Traditional IT security tools provide limited protection against sophisticated cyber-security attacks when user credentials are stolen, whereas today’s complex cyber-security attacks require a different approach. Microsoft Advanced Threat Analytics (ATA) bring the powerful big-data analytics capability by way of “Machine Learning” to efficiently analyze a company’s network and identify suspicious user behavior, log analytics and device activity with built-in intelligence and providing clear and actionable threat information to an organization.
When it comes to Microsoft Cloud Security, it is built-in and in-depth from the ground up, starting with the Security Development Lifecycle, a mandatory development process that embeds security requirements into every phase of the development process. We ensure that Microsoft Cloud is protected at the physical, network, host, application, and data layers so that our online services are resilient to attack. Continuous proactive monitoring, penetration testing, and the application of rigorous security guidelines and operational processes further increase the level of detection and protection for our customers.
On the offensive front, Microsoft Digital Crimes Unit (DCU) is taking on the fight against cybercriminals through strong public-private partnership to disrupt large scale cybercriminal networks. The DCU is made up of a team of lawyers, data-scientists, engineers, investigators and internet security experts employing the latest big-data and cloud based tools and technologies. While Microsoft’s main Cybercrime Center is in Redmond, USA, our presence in Asia continues to grow from strength to strength. In the past two years alone, three Cybersecurity Centers were opened in Singapore, Korea and India, adding to the two in Asia in China and Japan. The centers help drive greater public-private partnerships to fight cybercrime, increase cybersecurity awareness and engage customers and partners.
Taking down cybercriminals is not something one organization can do on its own. However, by making cybersecurity a top priority, we can help to build greater trust in technology and all that it promises to enable and foster digital transformation.
[1] World Economic Forum Jan 2014 estimate http://www.weforum.org/news/increased-cyber-security-can-save-global-economy-trillions
[2] http://fortune.com/2015/03/20/corporate-hacking/
[3] M-Trends 2016, Asia Pacific Edition, Mandiant Consulting, a FireEye Company
