Microsoft: Connected World Requires Holistic Cybersecurity Approach

The volume and complexity of cybersecurity risks associated with the Internet of Things and employee-owned devices has Microsoft considering a more holistic approach to security.

Microsoft CEO Satya Nadella spoke in Washington, D.C. on Tuesday about Microsoft’s contribution and approach to cybersecurity, announcing a new Cyber Defense Operations Center and a Microsoft Enterprise Security Group.

In his keynote, Nadella acknowledged that unless customers can trust technology, they will not use it. A Microsoft blog post elaborated on the company’s approach in how the company protects, detects, and responds to security threats, spending $1 billion over the past year on security and doubled its security executives. The company recently picked up Israeli security company Secure Islands.

As part of this initiative, Microsoft announced plans to open a new Cyber Defense Operations Center which is staffed with dedicated teams 24×7 and has access to thousands of security professionals, data analytics, engineers, developers, program managers, and operations specialists. Detecting and responding to threats as quickly as possible is crucial as the lost productivity related to cybersecurity threats is in the range of $3 trillion, Nadella said.

At a security conference in Toronto last month Microsoft said that it has taken control of botnets as part of its security strategy.

Microsoft also announced the Microsoft Enterprise Cybersecurity Group (ECG), a dedicated group of worldwide security experts that offers security assessments, provides ongoing monitoring and threat detection, and incident response capabilities.

According to Nadella, Microsoft updates Windows one billion times a month, and inspects over 200 million emails as part of Office 365 for malware, looking for attachments that may contain malware before they are sent to customers’ inboxes. It has 300 billion user authentications each month.

Recently, Microsoft announced that it would start delivering cloud services via data centers in the UK and Germany in order to comply with local data protection laws.