-
-
CISO series: Lessons learned—4 priorities to achieve the largest security improvements
In this blog, Jonathan Trull shares methods he uses to prioritize where and how he spends his resources to achieve the largest security improvements. -
Building on experience: a framework for cybersecurity policy
Each year more and more governments are developing policies to address security challenges presented by an increasingly digitized world. We are excited to announce the release of Microsoft’s new Cybersecurity Policy Framework—an indispensable resource for the policymakers joining this work. -
How to mitigate rapid cyberattacks such as Petya and WannaCrypt
Because of how critical security hygiene issues have become and how challenging it is for organizations to follow the guidance and the multiple recommended practices, Microsoft is taking a fresh approach to solving them. -
How a national cybersecurity agency can help avoid a national cybersecurity quagmire
This last October we saw more countries than ever participate in initiatives to raise cybersecurity awareness. What was once largely a US approach has evolved into events and initiatives around the world by governments, civil society groups, and private sector partners. This increased breadth and depth of activity reflects governments’ increased understanding of the importance […] -
IGF proves the value of bottom-up, multi-stakeholder model in cyberspace policy-making
In December, the Internet Governance Forum (IGF) brought the world together to talk about the internet. I tend to take a definite interest in cybersecurity, but there were many more important topics discussed. They ranged from diversity in the technology sector through to philosophy in the digital age. Cybersecurity was, nonetheless, a major theme. My […] -
Overview of rapid cyberattacks
Rapid cyberattacks like Petya and WannaCrypt have reset our expectations on the speed and scope of damage that a cyberattack can inflict. The Microsoft Enterprise Cybersecurity Group Detection and Response team worked extensively to help customers respond to and recover from these kinds of attacks. In 2017, among the global enterprise customers that we worked […] -
Cybercrime and freedom of speech – A counterproductive entanglement
This post is authored by Gene Burrus, Assistant General Counsel. As cybercrime becomes ever more pervasive, the need for states to devote law enforcement resources to battling the problem is apparent. However, states should beware using cybercrime legislation and enforcement resources as a vehicle for restricting speech or controlling content. Doing so risks complicating essential international […] -
More than just an ocean separates American and European approaches to cybersecurity
The recent revision of the National Standards and Technology Institute’s (NIST) Cybersecurity Framework and the publication of European Network and Security Agency’s (ENISA) proposals on implementation of the Network and Information Security (NIS) Directive have made me pause and ponder the progress made (or indeed not) in securing our critical infrastructures since they were both […] -
How the Asia-Pacific region is advancing cybersecurity
Earlier this year, my team and I had the great privilege and pleasure of spending several days in Japan, participating in the Information Technology Promotion Agency (IPA) Symposium. We also met with industry colleagues to discuss global cybersecurity trends and opportunities to engage in public policy, and met with Japanese government partners to examine the question of cloud security.
Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
Go beyond data protection with Microsoft Purview
Govern, protect, and manage all of your data with Microsoft Purview, comprehensive solutions to help give you better visibility and control.
