Skip to main content

Helping state and local government agencies address cyber security

Microsoft Security and Defense Center.Cyber-attacks against state and local governments are increasing and accelerating – even before COVID, two-thirds of attacks targeted state and local organizations. From January to May of 2020, there was a 350% increase in phishing attempts, with attackers taking advantage of the fear and uncertainty driven by COVID. With a nationwide workforce moving to remote work, vulnerabilities that may have been more fully protected by corporate networks are more easily exploited, and the sophistication of attacks through automation is resulting in an ever-growing barrage of cyber-attacks.

Despite the growing cyber risk landscape, organizations need flexible, integrated, and trustworthy solutions that enable them to make better-informed decisions and deliver impactful and often lifesaving services to their communities.  Our citizens have grown to expect a high level of service from the government, delivered through technology solutions that are high-performing and always available. Through the application of robust cybersecurity and resiliency capabilities, government agencies can help build community confidence and trust, ensure high-quality service delivery, safeguard data, protect critical digital infrastructure, and ensure privacy and regulatory compliance.

Government leaders must:

  • Modernize legacy systems, enhance cyber-resilience, and create a secure and compliant foundation for the future.
  • Protect personal information and information shared across organizations, ensuring that the right people have access to the right information at the right time.
  • Enhance trust and meet regulatory compliance requirements ensuring continuity of operations.
  • Prevent data loss from accidental or malicious internal leaks.

For organizations to meet the expectations of the public and to uphold data privacy standards, it must focus on an end-to-end Zero Trust approach. This aims to build security into the entire digital estate, across user identities, devices, network, infrastructure, applications, and data. Organizations can gain insights for their own operations from Microsoft’s strategy for managing its own cyber-security and by partnering with law enforcement to battle cyber-crime.

Key components to Microsoft’s own security strategy include our Cyber Defense Operations Center and the Microsoft Digital Crimes Unit.

Microsoft’s Cyber Defense Operations Center (CDOC) brings together security response experts from across the company to help protect, detect, and respond to threats in real-time. Staffed with dedicated teams 24×7, the Center has direct access to thousands of security professionals, data scientists, and product engineers throughout Microsoft to ensure rapid response and resolution to security threats.

Microsoft’s Digital Crimes Unit (DCU) is an international team of technical, legal, and business experts that has been fighting cybercrime to protect victims since 2008. We use our expertise and unique view into online criminal networks to uncover evidence so that we can make criminal referrals to appropriate law enforcement throughout the world. The DCU fights cybercrime such as ransomware attacks and business email compromise using technology, forensics, civil actions, and public/private partnerships with local and global law enforcement, security firms, researchers, non-governmental organizations, and customers to drive scale and impact while protecting the security and privacy of our customers.

Microsoft is committed to the highest levels of security. Microsoft invests over $1 billion annually on security, and our clients across government and the private sector turn to Microsoft to protect their data and ensure resilient delivery of services. With more than 30 billion identity authentications and 2.5 billion cyber threat detections each day and 5 billion document classifications per month, it is clear that Microsoft addresses security from end-to-end and is the choice to protect your world.

With the ever-increasing cyber-threat to government organizations, Microsoft will continue to drive innovation, best practices, and partnerships to reduce the risk to our government clients. Join us for a webinar as we more fully discuss these issues and to learn more about how you can better protect the citizens you serve: Public Safety & Justice Industry Digital Forum (

Additional Resources:

Microsoft’s Latest Security Blog:

4 ways Microsoft is delivering security for all in a Zero Trust world – Microsoft Security

Microsoft Security Video Series:

Ep. 1: Implementing Zero Trust Mindset

Ep. 2: How to make identity your control plane

Ep. 3: Explicitly verify your devices

Ep. 4: Grant the right people access to the right apps