Dear all,
According to Microsoft’s recently published Digital Defense Report, “80-90 percent of all successful ransomware compromises originate through unmanaged devices.” Microsoft offers suggestions to improve security at organizations that allow bring your own device (BYOD); the UK’s National Cyber Security Centre also has BYOD guidance. The Microsoft report also notes that human-operated ransomware attacks are up more than 200 percent. Most of those targeted organizations with fewer than 500 employees. The report also reinforces the importance of essential security hygiene, saying “Basic security hygiene still protects against 99% of attacks.”
Microsoft Digital Defense Report 2023 (MDDR) | Microsoft Security Insider
Hi All
Thank you for the references; however, how much of this was created via Microsoft themselves through their own insecure practices?
One thing is sure: we have created a very complex environment, which seems to gather more momentum annually, so surely Security & Privacy by Design and Zero Trust Architecture practices should be adopted for any existing and any new technology and business solutions?
Rather than make it more complex, shouldn't we be making this less complex and supportable?
Or at which point do we put our hands up in the air and state it cannot be secured, or that the costs of doing so are so large that it does not make economic or financial sense at all?
Regards
Caute_Cautim
Thank you for your reply. Appreciate the share, @Caute_cautim
@Kyaw_Myo_Oo wrote: According to Microsoft’s recently published Digital Defense Report, “80-90 percent of all successful ransomware compromises originate through unmanaged devices.”
What does that mean, though? Are managed devices less susceptible to compromise or are there just very few managed devices?
I tend to pay little attention to the scare-slides. They often paint the picture that favors the author's narrative. Rare is it that they include the underlying data or a thorough analysis. Instead, I tend to focus on the conclusions/recommendations (page 7). In this case:
How can we protect against 99% of attacks?
- Enable multifactor authentication.
- Apply Zero Trust principles:
- Use extended detection and response (XDR) and antimalware
- Keep up to date
- Protect data
Notable to me is that these sound very familiar, having read many "state of the industry" reports.
@denbesten wrote: I tend to pay little attention to the scare-slides. They often paint the picture that favors the author's narrative. Rare is it that they include the underlying data or a thorough analysis.
The noise-to-signal ratio in our industry is significant. What I found interesting about Slide 7 and the recommended steps is that all of them translate to products or services. None of them drive at people or processes, which is where most vulnerabilities reside. Even when dealing with a technical vulnerability, such as a software flaw, in many cases patches or some mitigating strategy was available or not applied.
The reality is there is big money in insecurity. The message often promulgated by the industry is we need more software and services because the software and services we already have aren't doing the job.