Relentless bad actors, evolving attack tactics, and numerous surfaces and endpoints that attackers may try to exploit. With the average cost of a data breach reaching an all-time high of USD4.35 million in 2022,[1] protecting your people and data from adversaries is more important than ever. Plus, juggling multiple cybersecurity technologies can exacerbate the stress further. But while modern threats are increasingly complex, your security solution doesn’t have to be.
Microsoft Security solutions help you eliminate gaps and gain the simplified, comprehensive protection and expertise you need to innovate and grow in a changing world. You gain the capabilities to match the pace of adversaries, who develop and deploy threats at a frenzied pace hoping to exploit basic trust or human error. A panicked and tumultuous response isn’t the answer. Instead, Microsoft Security brings you a comprehensive solution across clouds and platforms and helps you do more with less by enabling you to be more efficient, effective, and unified.
But what do we mean when we say do more with less? We mean easing IT departments’ workload with technology that delivers a deliberate and effective security response. We mean increasing efficiencies and adapting to unexpected events quickly—everything from the pandemic to economic uncertainty. We mean managing the security of your business with fewer resources. And we mean giving back time so that security professionals can focus on the most important things.
Doing more with less is about a change in mindset and it doesn’t have to mean sacrifice. To further explain how this works in the real world, let’s explore three strategies of the do more with less approach and consider success stories from customers that have benefitted from each approach.
1. Simplify vendor management
When you hear do more with less, simplicity is likely one of the first attributes that come to mind. Protecting what’s most important to your organization is critical. However, juggling multiple technology vendors adds unwelcome complexity. Our research shows that large organizations have an average of 75 security solutions. Managing multiple vendors can be burdensome for IT while valuable security insights sit siloed in separate dashboards. And siloed solutions can result in fragmented visibility and can be exploited.
Several features of Microsoft Security support simplified vendor management. By choosing Microsoft Security as your comprehensive security solution, you can eliminate redundant capabilities and consolidate the number of vendor contracts you manage. You can avoid the challenges of managing multiple vendors, each with its own contracts and licenses. Paring down the number of disparate security solutions can even help you realize up to 60 percent cost savings when you use our security, compliance, and identity solutions in Microsoft 365 E3 and Microsoft 365 E5.[2]
One Microsoft customer that has realized the value of simplified vendor management is Rabobank, a financial institution based in the Netherlands, which uses Microsoft 365 E3 and Microsoft 365 E5. The firm decreased its security vendors from more than 20 to 4, with Microsoft as its main vendor. The company saved €400,000 just by switching to Microsoft Defender for Cloud for cloud threat and vulnerability management functionality. Microsoft Security has replaced multiple security information and event management systems (SIEMs).
“Our engineering team previously spent most of its time working to keep everything up and running and trying to integrate all those systems,” said Raoul van der Voort, Global Service Owner, Cyber Defense Center, Rabobank. “It’s difficult to ensure that we have full insights from a security perspective when our platforms are so varied. We wanted protection and visibility everywhere. That’s why we use Defender for Cloud—it gives us single pane of glass visibility across our hybrid and multicloud environment.”
Up to 60 percent in savings from simplifying your vendor approach
Our 60 percent savings calculation is an estimate based on the cost and complexity of buying point solutions from multiple vendors for cybersecurity coverage. Available estimated pricing indicates it would cost a company about USD63 per user per month for a representative basket of solutions covering typical security, compliance, identity, management, and privacy needs.
However, by adding E5 advanced compliance and security to Microsoft 365 E3 core security and compliance, these same companies can reduce their costs to approximately USD24 per user per month, based on web direct prices for Microsoft offerings. This represents savings of up to 60 percent. That also means fewer vendors to manage, more efficient operations, lower costs, and reduced risk of cyberthreats. All of these benefits can result from helping organizations do more with less.
Figure 1: Potential cost savings of up to 60 percent when consolidating security solutions by using Microsoft 365 E5 Compliance and Security add-ons to a Microsoft 365 E3 license—instead of using multiple-point solutions. Savings are based on publicly available estimated pricing for other vendor solutions and web direct/based price shown for Microsoft offerings. Price is not guaranteed and subject to change.
2. Reduce threats with AI and automation
With threats stretching IT teams to the limit—and talent gaps making it difficult to fill open roles—people can use a boost. AI, machine learning, and automation help humans protect sensitive data, detect and respond faster to threats, and more accurately predict future attacks and insider risks.
AI and automation tools also help you more easily manage and govern on-premises, multicloud, and software-as-a-service (SaaS) data. Improve compliance, monitor and remediate potentially risky activity, and safely enable productive work for employees using multiple devices in multiple locations.
Organizations are also using AI and machine learning to:
- Filter events and make connections between incidents.
- Focus the IT team’s threat investigation on the biggest security issues.
- Disrupt ransomware attacks, which traditionally are “discovered” when receiving a ransomware note.
Consumer goods giant Land O’Lakes, Inc., must navigate cybersecurity challenges in an environment that includes 9,000 employees, nearly 10,000 endpoints, a significant on-premises infrastructure, Google Cloud Platform, and Amazon Web Services clouds, in addition to its main cloud platform, Microsoft Azure. That results in a lot to track. The company, which is headquartered in the United States, uses security and compliance solutions in Microsoft 365 E5 to have visibility into its threat landscape. It also leverages built-in AI and machine learning in Microsoft Sentinel and Microsoft Defender for Cloud to proactively manage threats and reduce alert fatigue.
“The Microsoft tools we use are native to the platform,” said Michael Marsh, Senior Security Engineer, Land O’Lakes. “Microsoft combines a tremendous volume of telemetry from around the world, which helps us understand where we need to direct our attention so that we can protect Land O’Lakes.”
3. Improve operational efficiency
Increasing SecOps efficiency saves considerable time. Unified SIEM and extended detection and response (XDR) improve visibility across identities and endpoints. A deeply integrated solution from Microsoft Security makes it easier to protect your identities, devices, apps, and data against breaches.
United Kingdom sporting goods retailer Frasers Group realized that adding iconic new brands required a flexible, interoperable tool set. It found what it needed with a Microsoft SIEM and XDR solution as well as Microsoft Sentinel for a single view into security threats and alerts and Microsoft 365 Defender for tailored protection.
“The XDR capabilities Microsoft offers are second to none. Microsoft Sentinel layers built-in SOC capabilities with playbooks functionality,” said Matthew Wilmot, Group Head of Enterprise Security, Frasers Group. “The automation it provides is key to keeping our SOC team lean. Without it, we would need to triple our team.”
Security for all
Comprehensive security means adopting an end-to-end approach that harnesses the power of AI to protect against internal and external cyberthreats and secure multicloud environments. Protect your organization, people, and data for a more secure future and satisfy increasingly intricate compliance regulations. People are arguably the most important piece of this. When protected, they are free to focus on what matters most.
Explore Microsoft Security to learn how our solutions can help give everyone in your organization peace of mind and how embracing a do more with less approach to security can help make you more efficient, effective, and unified.
[1] Cost of a Data Breach, IBM. 2022.
[2] Savings based on publicly available estimated pricing for other vendor solutions and web direct/based price shown for Microsoft offerings. Price is not guaranteed and subject to change.