Skip to main content
Industry

Cybersecurity & Privacy: Managing enterprise risk

[inlinevideo header=”Cybersecurity & Privacy: Managing enterprise risk” description=”” videoimage=”http://az370354.vo.msecnd.net/wordpress/2015/12/11.jpg” video=”http://az370354.vo.msecnd.net/videos/Enterprise_Perspectives-Security_and_Privacy_In_the_Cloud.mp4″]

Today, security and privacy are no longer just IT issues. As many high-profile security breaches have recently taught us, the implications of a security incident can reach far beyond the costs to eliminate the problem. These issues can damage the trust you have earned from your customers, irreparably harm your brand image, and negatively impact your business. Modern business leaders understand that fostering a culture of security and privacy needs to be a primary focus across the enterprise and a top business level concern. However, instilling a commitment to security throughout a business can be challenging in today’s digital era. New opportunities for mobile, social, analytics and cloud technological advancements bring a host of new security concerns along with them. Today’s technological business decision makers face many challenges as they transform to a digital enterprise including maintaining:

  • Data sovereignty – As new workplace initiatives like BYOD (Bring Your Own Device) and ‘work from anywhere’ gain popularity, enterprises must take extra steps to ensure their data is protected. Enterprises are exploring new ways to leverage new innovations as well as their previous investments to maintain control over their data and intellectual property as their employees increasingly move to the cloud.
  • Trust – Beyond protecting internal data, enterprises also face the critical challenge of ensuring the safety of their customers’ data. In the world of the empowered consumer, trust and loyalty can easily be lost, especially when the privacy of customer data is threatened. When your company experiences a data breach, the business value gained from your digital transformation journey can instantly be diminished. As a result, your reputation can suffer – leading to loss of customer trust and loyalty. For example, a recent survey found that half of holiday shoppers this year will avoid retailers that got hacked costing those enterprises potentially millions of dollars in lost revenues.
  • Security – Beyond the threat to customer loyalty and brand reputation – which are often the hardest to regain – organizations which lack a comprehensive security strategy are at risk of losing critical intellectual property that keeps them competitive in the market. Cyberattacks and security breaches can also result in the loss of market share and profits and have long term effects beyond the legal liabilities and job losses that accompany major security incidents.

To stay ahead of today’s modern security risks, every enterprise must build a culture of security; this responsibility requires executive involvement from all parts of the business to ensure that security becomes a fundamental part of the organizational culture. It’s no longer possible to overlook this critical protection for employees and customers. Does your organization have the right systems and partners in place to execute on your security vision?

Your technology partner should have an end to end vision for security and privacy – they must be committed to protecting you and your customers while continually innovating and leading the industry in the latest developments in cybersecurity. Microsoft has built a commitment to the transparency, strong privacy principles and leading security practices necessary to make security part of our DNA. We have invested heavily in a modern, enterprise-grade, trustworthy computing platform and bring rich security expertise to our customers to help them protect, detect and respond to security threats. Finally, we proactively combat cybercrime and advocate extensively with governments and policy organizations to enhance cybersecurity.

Culture of security & privacy

We know that many customers are concerned about the privacy of their data in the cloud – who has access to it and how it’s used. We take this very seriously. Microsoft does not give anyone unfettered, direct access to enterprise customer data and we do not use enterprise customer data for advertising purposes. Transparency into our security, privacy and compliance practices helps to protect our customers’ information. Our Transparency Centers provide participating governments with the ability to review source code for our key products to assure themselves of their software integrity, and confirm there are no “back doors.” Microsoft does not provide any government with direct and unfettered access to our customers’ data, and we do not provide any government with our encryption keys or the ability to break our encryption. If a government wants customer data, it needs to follow applicable legal process and our Microsoft compliance team reviews those requests for validity.

At Microsoft, security is fundamental to who we are as company, and an integral part of how we develop software and how we operate our business. As leading global security advocate, we developed the Security Development Lifecycle – widely used in the IT industry – to provide a principled approach to building secure, enterprise-grade software. We extend secure frameworks and practices into our cloud operations as well, delivering an end-to-end vision for cloud-based security.

Enterprise grade products & services

In a mobile first, cloud first world, your employees can work from anywhere and your data can be anywhere. The notion of perimeter based security is no longer a valid approach. Your data is constantly at risk and so organizations must take a data centric approach to security. With world class capabilities that include encryption, multi-factor authentication, access management, device management, as well as embedded tools to manage compliance and requirements, security is inherent in our products – Microsoft helps to protect you and your customers. Microsoft has been investing heavily in building out a truly enterprise grade platform of products and services for years. We have one of the largest cloud infrastructures in the world and one of the world’s largest networks – delivering over 200 secure online services. Our security and compliance frameworks and cloud infrastructure security programs help to meet the varying, complex and sophisticated needs of our customers. As of October 2014, we are the first and only vendor in the world to meet the European Union’s stringent privacy requirements as set out in Article 29.

Our deep privacy and security expertise comes from being an enterprise with the same global security concerns that our customers share. We, too, have to keep pace with a world of malware, hackers, and industrial espionage, and we’ve stayed safe by staying on the cutting edge of security technologies. The Microsoft Security Response Center, led by some of the world’s most experienced security experts, identifies, monitors, responds to and helps resolve security incidents. Security threats evolve daily and few enterprises have the infrastructure of privacy and protection that can prevent catastrophic incidents. We continually iterate and invest our learnings from operating as a global enterprise back into our products and we also deliver our world class security expertise to our customers through services that help enterprises protect, detect and respond to security challenges.

Cybersecurity impact and collaboration

As technology becomes more embedded into our lives and how we do business, security needs to be a fundamental cornerstone of this shift. Cybercrime is on the rise and has had a tremendous impact on businesses and individuals through financial fraud, online child exploitation, malware, botnets and illegal software and other products. Keeping enterprises and vulnerable populations safe online is a key focus area at Microsoft. We proactively work to protect people and businesses from a broad range of cybercrime activities, including malicious software crimes, IP crimes, and technology-facilitated child exploitation. By bringing together top legal and technical talent, cutting-edge forensics and business intelligence tools – and partnering with US and international criminal law enforcement and other industry experts – we are taking the fight directly to cybercriminals with our Cybercrime Center and Digital Crimes Unit. As a result, Microsoft has taken down 12 major botnets (as of September 2014) and has worked with government agencies around the world to help identify and take down more than 20,000 illegal pharmacies selling dangerous counterfeit drugs.

We blend public policy expertise with technical acumen to work collaboratively with governments, multilateral organizations, industry and non-profit groups around the world to enhance cybersecurity across the ecosystem. We also collaborate closely with security software vendors through the Microsoft Active Protections Program to give security software providers early access to vulnerability information so that they can provide updated protections to customers faster. Finally, our Security Intelligence Report provides insights on the threat landscape and comprehensive guidance that helps enterprises to manage evolving risks. As enterprises embark on their digital transformation, they need to ensure that security and privacy are an integral part of that journey – Microsoft can help you take advantage of the new opportunities that technology brings and while mitigating increasingly complex risks.

Avatar photo
Kasia Kaplinska

Related posts