Written by Fred Sheu, National Technology Officer, Microsoft Hong Kong
As technology and the Internet have evolved dramatically over the past decade, so too has both the occurrence and potential impact of cyberthreats. The sheer number of data breaches almost double, reaching 1.2 billion in 2018, and the number of records exposed increase more than 27-fold in the span of less than ten years. As we have moved from Stuxnet to NotPetya, WannaCry and beyond, cyberattacks have become far more complex and disruptive than ever. With the average cost of a data breach to a company totaling US$4 million, cybersecurity has become an operational imperative for every organization.
As a leader in cybersecurity, Microsoft devotes more than US$1 billion annually to fighting cybercrime, and each month we scan over 470 billion emails for phishing threats and malware and 1.2 billion devices for security. Based on Microsoft’s unique insights into the threat landscape, we believe there are four key trends that will shape cybersecurity industry in 2020 of which organizations can take a closer look and stay one step ahead to better protect themselves.
1) The Good – and Bad – of Artificial Intelligence
AI’s ability to harness the power of data has given us some incredible new capabilities and insights in the fight against cybercrime, including being able to identify patterns and anomalies faster and more thoroughly, which allows us to get better countermeasures in the field more quickly.
Unfortunately, AI is not just being used for good. It can also be used as a tool by attackers, creating even more destructive malware. This means a higher number of new infections can be unleashed, which in turn can better hide from detection while they are wreaking havoc.
Because attackers often change their approach, Microsoft has developed our own AI and machine learning (ML) protection based on risk factors, instead of just chasing down previous iterations of malicious code. We process a whopping 8 trillion signals daily in the Microsoft cloud, which allows us to react to “patient zero” threats almost instantly.
However, technology alone cannot keep defenders ahead of adversaries. While AI-based malware is especially effective in evading traditional signature-based anti-virus detection, companies like Microsoft employ 3,500 security experts to help track threats and train their own AI and ML based protection that evaluates a wide range of risk factors – not just previously discovered malware. Furthermore, teams like Microsoft’s Digital Crimes Unit proactively identify criminal organizations creating malware and often work with law enforcement to disrupt their activities.
2) Collaboration to protect supply chains
With more than 75 billion mobile devices (including IoT) anticipated to be in use globally in 2020, gaps like outdated software, unsecured devices and default administrator accounts can provide a wide range of vectors for attackers to enter systems. Further, just two years from now – in 2022 – more than half of enterprise data will be created and processed at the edge, outside of the data center or cloud.
To counteract this, vendors will need to band together to protect their customers and supply chains. Integrated solutions can also provide additional protection – for example, the Microsoft Identity platform adds multifactor authentication for 1.4 million unique apps, many of which, like ServiceNow, GoogleApps and Salesforce, are used by enterprises daily.
Over time, we expect to see even more widespread and formal industry collaboration and technology vendors put customers first and embrace the complexity of modern supply chains.
3) The Importance of Securing the Public Cloud
As on-premises and mismatched standalone solutions are no match for cyberthreats, the public and hybrid clouds will be the real keys to providing tools for enhanced safety. A hybrid cloud solution allows for AI understanding and insights about the global threat landscape thanks to the more than 8 trillion signals a day which pass through the cloud. Public cloud solutions also make it possible to have additional safeguards like sign-in location checks or secondary authentication, all without bringing traffic to a halt.
Currently, two-thirds of companies are already on hybrid cloud or plan to deploy in the near future, and with the global cloud market growing more than 40% in 2019, that’s a trend we expect to see continue.
4) The fall of passwords, and the rise of Zero Trust
In 2019, more than 4 billion records were exposed due to data breaches. Poorly secured identities and passwords are still our weakest link, especially in the face of AI-based malware. In fact, 63% of all confirmed data breaches involved weak, default or stolen passwords.
A key weapon for fighting back is implement a Zero Trust system. Zero Trust systems do not automatically trust anything from within the perimeter, so even if bad actors do manage to get through corporate firewalls, they would still need additional authentication factors to reach each different or sensitive part of the network. Multifactor authentication for businesses can actually help reduce the risk of identity compromise by more than 99.9%. By using biometrics and identity-based certificates, organizations can increase safety and streamline the user experience, while industry partners can help scale while still ensuring personal privacy.
While some of the threats and developments in cyberattacks are recent, the solution remains the same – we can only be successful in counteracting these malicious attacks through best practices, advanced technology and true collaboration on a local and global level. Microsoft is committed to working together with users, enterprises and networks to better protect organizations and allow them to focus on their core charters and missions.
Microsoft (Nasdaq “MSFT” @microsoft) enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more.