Cyber Signals: Shifting tactics fuel surge in business email compromise
Business email operators seek to exploit the daily sea of email traffic to lure victims into providing financial and other sensitive business information.
Regulatory standards frequently shift and tighten, especially with the rise of hybrid work environments. And with the explosion of data growth, organizations have seen a massive uptick in cybersecurity issues and needs. According to IBM’s 2022 Cost of a Data Breach Report, 83 percent of organizations experienced more than one data breach in their lifetime.1 Of these instances, 20 percent of the data breaches are due to malicious internal actors. If that statistic isn’t enough to illustrate the evolving threat landscape, almost 40 percent of organizations reported the average cost of a single data breach from an insider event was more than USD500,000, with an average of 20 events per year, according to our Building a Holistic Insider Risk Management Program report.2
As more organizations shift to a hybrid work model, cybersecurity leaders need a way to strengthen and secure growing boundaries. They are struggling now more than ever with a fragmented solution landscape and increased, more sophisticated threats to data security.
A Zero Trust architecture is a critical component to modernizing security programs and ensuring sensitive organizational data and identities are kept safe. Plus, it can help organizations stay in compliance with regulatory standards.
In this blog, we’ll discuss how implementing a Zero Trust framework helps organizations meet compliance and data security requirements, prevent, identify, and secure sensitive business data, and reduce business damage from a breach.
As regulatory and compliance requirements evolve in response to technological transformations, organizations must rapidly modernize their security posture to protect sensitive data and processes. A Zero Trust architecture is a comprehensive security strategy to help you secure your data and prepare your organization for future threats.
Applying the Zero Trust principle of “assume breach” helps proactively minimize the impact of security attacks from internal and external bad actors by implementing specific security measures using all available data points and enforcing least privileged access to secure digital environments:
Implementing redundant security mechanisms, collecting system telemetry and using it to detect anomalies, and—wherever possible—connecting that insight to automation empowers a business to prevent, respond, and remediate data security incidents efficiently.
Assuming breach involves organizations first determining if they have the right data security strategies and controls in place and if they can measure their breach risk. This also involves understanding both internal and external activity around sensitive data, wherever it lives and throughout its entire lifecycle. A Zero Trust lens can help organizations implement the right protection to detect and remediate modern and evolving cyber risks and vulnerabilities in a timely, preventative measure.
Managing insider risks provides insights into events that could potentially lead to data theft or other exfiltration activities happening inside of your organization. And by configuring dynamic policies with protective actions, you can prevent data from unauthorized use across apps, services, and devices, even in hybrid work environments. Implementing a Zero Trust architecture helps organizations confidently prevent sensitive data loss.
Identifying the business risk of a breach and the resulting damage to reputations and relationships also reduces the impact of a major incident, such as serious risks to data security structure, financial health, and market reputation. A Zero Trust framework provides the visibility, controls, and redundancy necessary to quickly detect, deter, and defend against data security risks, and to secure sensitive data by proactively detecting and minimizing those risks.
Implementing a Zero Trust architecture ultimately bridges the gap between balancing data security and enabling productivity, without compromising either. Reduce the blast radius of security attacks and use proper access controls to strengthen security posture, which helps to minimize reputational damage, the financial costs of a security breach, cyber insurance premiums, and employee burnout among security teams.
Figure 1. Through a comprehensive Zero Trust approach, organizations can secure their most precious data and devices and prevent bad internal and external actors from breaching.
Identifying the most critical data and identities is important for a Zero Trust approach. A more robust security posture begins by understanding the organization’s security architecture before integrating controls and signaling across layers to apply and enforce unified policies. The Zero Trust architecture extends throughout the entire digital estate and serves as an integrated, unified security strategy to reduce the complexity and time-consuming aspects of end-to-end security.
Organizations must first gain visibility into what assets—such as identities, endpoints, apps, networks, infrastructure, and data—exist within their organization. Then, assess their current risk and identify which assets should be prioritized and which ones users are interacting with.
Securing sensitive data must involve these key steps:
These steps enable organizations to adopt a comprehensive end-to-end strategy to manage security and apply protection actions—such as encryption, access restrictions, and visual markings—that safeguard your data, even if it leaves the devices, apps, infrastructure, and networks that the organization controls.
When data and sensitive content is understood, classified, and identified, organizations can:
Fine-tuned adaptive access controls, such as requiring multifactor authentication or device security policies, based upon user context, device, location, and session risk information, move the security perimeter to where data lives and encourage strict control over digital identities and identity access. This enables the implementation of security controls within each layer of the security architecture to further segment access.
Policies and real-time signals are required to determine when to allow, block, or limit access, or require additional proofs like multifactor authentication so that organizations can improve boundaryless collaboration without putting their data at risk.
By adopting Zero Trust, organizations understand the context of user activity around sensitive data and can prevent unauthorized use or loss of data. Types of data security that help protect against data breaches and help meet regulatory requirements include:
Microsoft’s Zero Trust security framework can help your organization meet many regulatory and compliance standards by default, including compliance requirements surrounding data, compliance, and law. This involves securing data, including personally identifiable information, financial data, health information, and intellectual property, all of which are at high risk of theft, loss, or exfiltration. Thus, protecting sensitive data is imperative.
While these regulatory standards will differ depending on the organization, they help organizations meet both security and compliance requirements.
Some important regulations include:
Adopting a Zero Trust architecture can also help you exceed standards and requirements, which enhances proactive, preventative security protection and enables:
A Zero Trust model helps with understanding the policies needed to comply with governance requirements. It enables continuous assessments—from taking inventory of data risks to implementing controls and staying current with regulations and certifications.
Organizations can get started by determining their place in the Zero Trust journey:
Adopting an end-to-end Zero Trust strategy is a critical step your organization can take to modernize your security posture and exceed required regulatory and compliance standards. To learn more about implementing Zero Trust with Microsoft:
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.
1Cost of a Data Breach Report 2022, IBM. 2022.
2Building a Holistic Insider Risk Management Program, Microsoft. 2022.