Cyber Signals: Shifting tactics fuel surge in business email compromise
Business email operators seek to exploit the daily sea of email traffic to lure victims into providing financial and other sensitive business information.
The last couple of years have been difficult, with many organizations operating in a response mode. From a global pandemic to an economic downturn to increasing security risks, teams are under more pressure than ever to deliver greater cyber security and do more with less.
This responsive approach has resulted in many organizations falling behind on long-term projects, with transformation projects losing funding and getting put on the shelf (understandably so). Yet it has now become clear that the fire-drill operations of the pandemic are not only here to stay but are accelerating and becoming more impactful. As you will read in more detail below, IT teams are becoming burned out, security attacks are increasing and employees are expecting more from their endpoints and IT as remote and hybrid work become the norm. The stakes are higher than ever before, and these trends will require a new approach. Addressing these challenges will require us to shift our focus from being responsive to truly transforming the user digital landscape through consolidation and automation.
What if you could deliver a new security model that enables people to work how and where they want without jeopardizing their digital experience? What if you could free your IT and security teams to focus on more strategic items and reduce operational complexity? I want this blog post to trigger the most transformational project your team conducts this year; namely, setting your team’s vision for enabling the people in your organization with the best possible digital experience, complete with a first-class security model. This transformation will not be easy, but by following a central theme of simplification it can be achieved. Simplification of your endpoint management approach will enable more productive IT staff, better employee experiences, a better security posture and ultimately better business outcomes. It allows IT and security teams to move from complex to streamlined, from manual to automated, and also deliver significant financial benefits, which I discuss in the next section.
“Simplification” needs greater explanation if we are to understand the potential benefits.
In the short term, simplification means removing the challenges that come from having too many endpoint management tools. A recent survey showed that two-thirds of respondents were using more than 10 tools to manage and protect their endpoints.1 This is understandable given the plethora of new dimensions administrators have had to face, from new mobile endpoints to hybrid work to bring your own device (BYOD). Yet 10 or more tools for endpoint management means potentially 10 panes of glass, 10 vendor contract renewal conversations, 10 different training sessions, and significant integration requirements—all which can contribute to disparate experiences for employees, too. Addressing endpoint scenarios with multiple point solutions to fill the gaps ultimately adds complexity and increases costs and security risks.
First, consolidation means more time. A Forrester study has estimated that by moving to a suite of endpoint tools (such as the Microsoft Intune Suite), technicians who manage endpoints could save at least 10 percent of their time per year in the first year of use, and, in some cases, even more.2
Second, consolidation delivers a single pane of glass, thus freeing up your staff’s time from the complexity of managing many unified endpoint management (UEM) solutions, from selecting the vendor to training and onboarding each incremental solution.
The next, more exciting part of simplification is greater automation. As with the introduction of Microsoft Security Copilot, Microsoft is committed to increasing the effectiveness and efficiency of IT and security professionals. Consolidation is an important pre-requisite here: Automation yields better results when it pulls from a central pool of data, which requires consolidation.
First, automation will improve security. For example, by using best practice data automatically applied rather than manual processes, vulnerabilities caused by human error will be reduced. There were 106 publicly disclosed incidents in February 2023 accounting for 29.6 million breached records.3 Even a five percent reduction means almost 1.5 million fewer records would have been breached in that month alone.
Second, automation saves time for existing workers. There were about 4.7 million workers globally in cybersecurity at the end of 2022.4 Roughly speaking, if the industry saved even five percent of the approximately 9.4 billion hours of work done by those workers, that’s 470 million hours per year saved through automation. It’s time to help IT admins refocus on the strategic, not the tactical elements of security.
So, simplification is not just a buzzword. It requires consolidation to then deliver automation, and it can deliver benefits both in terms of saved time for your staff and better security for your organization.
Simplifying your endpoint management is a process, not a single event. I would identify five separate steps:
So, how do you take the first step? I would encourage you to get your team together and discuss the general direction you want to take. Focus on the destination, not the steps at this point. Every vision will be slightly different based on your company’s situation. For example, in what order would you consolidate your endpoint tools, given your current resourcing and licensing contracts? How would you introduce a consolidated suite of endpoint tools? And who else do you need to work with in other departments to sell the investment rationale?
And I encourage you to read more about the Microsoft Intune Suite and review the Intune roadmap to provide a better sense of how consolidation could progress. Finally, please experiment with advanced endpoint analytics in the Intune Suite to get a sense of what automation can do (even if it is just the tip of the iceberg for insights data and analytics).
It’s encouraging to be able to move our eyes toward the horizon again and think in timeframes longer than a week or a month. I invite you to seize the opportunity that creating a simplification-centric vision offers.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.
1Managing the Endpoint Vulnerability Gap, Enterprise Strategy Group. February 2023.
2New Technology: The Projected Total Economic Impact™ Of The Microsoft Intune Suite, a commissioned study conducted by Forrester Consulting. March 2023. Results are for a composite organization based on interviewed customers.
3Monthly Breach Report: March 2023 Edition, PKWARE. March 9, 2023.
4The cybersecurity talent shortage: The outlook for 2023, Sue Poremba. January 5, 2023.