New ways to protect democratic institutions from cyber threats

By Keshav Dhakad, Group Head & Assistant General Counsel, Microsoft India

Rising cyberattacks are a known phenomenon, impacting economies, innovation, and societies globally at an unprecedented scale. Cyber breaches not only invade people’s privacy, commit fraud, and abuse sensitive information, they can bring essential public services and critical infrastructure to a halt. However, last few years saw cyberattacks targeting political campaigns in several countries. These attacks are not limited to political campaigns themselves but often extend to think tanks and non-profit organizations working on topics related to democracy, electoral integrity, and public policy that are often in contact with government officials.

Several nations around the world head to democratic polls every year, whether federal or state, and hundreds of millions of people are touched by political campaigns and the election process, leveraging digital technologies and digital media. As Microsoft, we believe it’s critical that organizations underpinning the democratic process have access to state-of-the-art cybersecurity protection as we have seen and continue to see efforts by nation-states and others to influence elections in democracies around the world, including in North American, Europe, and Asia.

Collaboration is key

Microsoft has been a long-standing advocate of the shared responsibility of the government, industry and individuals to manage a safe and secure cyberspace for a strong protect, detect and respond readiness. When it comes to fighting and disrupting sophisticated cyberattacks, the technology leadership, public-private partnership, and collaborative cybersecurity regulations are key to win against cybercrime. At Microsoft, we are not only investing deeply into next-gen security R&D, spending over USD1 Billion annually to innovate on built-in platform protection, but we are infusing defense-in-depth AI enabled threat intelligence analytics, detection and response capabilities into our products and cloud services. To be successful, technology companies, government, civil society, the academic community and researchers need to come together and partner in new and meaningful ways. Globally, we have also been working to support the Paris Peace Call for Trust and Security in Cyberspace, the Digital Peace Now Campaign, and Cybersecurity Tech Accord. We also work with governments and election-oriented customers around the world, helping them take steps that result in stronger security and greater public trust in the outcomes of elections and the overall democratic process.

Microsoft AccountGuard

We launched Microsoft AccountGuard service globally in August of 2018 as part of our Defending Democracy Program, which seeks to secure campaigns and electoral processes from cyber threats and disinformation and we are now making AccountGuard service available in India. The Microsoft AccountGuard service is already available in several countries such as U.S., Canada, Ireland, U.K., France, Germany, Sweden, Denmark, Netherlands, Finland, Estonia, Latvia, Lithuania, Portugal, Slovakia, and Spain.

Microsoft AccountGuard, is a state-of-the-art cybersecurity service available at no extra cost to all political candidates, parties, and campaign offices operating at a local or national level. It is also available to think tanks, non-profits, and nongovernmental organizations working on issues related to democracy and electoral integrity. Microsoft AccountGuard is offered free-of-charge to organizations using Office 365.

The service provides notification of cyber threats, including attacks by known nation-state actors, across both email systems run by organizations and the personal accounts of these organizations’ leaders and staff. Eligible organizations can invite selected staff and other associates to enroll, and notification will only occur with the consent of the account owner. Organizations can get protection for external individuals helping with a campaign, board members of non-profit organizations, or volunteers. When we detect threats, we will work directly with participating organizations to notify them and help them secure their systems.

Microsoft AccountGuard also provides organizations guidance to help make their networks and email systems more secure. This can include applying multi-factor authentication, installing the latest security updates, and guidance for setting up systems that ensure only those people who need data and documents can access them. AccountGuard also provides briefings and training to address evolving cyberattack trends as well as preview releases of new security features on a par with the services offered to our large corporate and government account customers.

India is one of the largest democratic country in terms of demographics,  has well established democratic institutions and systems to make it a true representative democracy. In terms of cyberattacks, we need technology leadership, new ways and approaches to protect its very essence. However, many organizations essential to democracy do not have the resources or expertise to defend themselves against cyberattacks. That is why we, as technology providers, have a responsibility to help. Microsoft AccountGuard offers additional security measures. We recognize that we cannot solve this problem alone and are committed to continue working with stakeholders alongside our industry peers to help protect the democratic processes.