Following Microsoft’s acquisition of enterprise security firm Aorato in November 2014, it is using their technology to launch Advanced Threat Analytics (ATA), a new cyber security service to customers available from August 2015. This on-premise product seeks to ID advanced persistent threats BEFORE they can cause damage.
For Brad Anderson, corporate VP of Enterprise Client & Mobility at Microsoft, the traditional IT security solutions of monitoring and security have become less effective once a breach is discovered and the length of time it takes to identify the intruder too arduous in sifting through the sheer mass of data in an inbox or console. In Anderson’s view:
• Compromised identity is the No.1 cause of the breaches from organisations worldwide.
• BYOD is a root cause of many security problems as an employee’s use of their own device is often less couched in the same protective software and governance as corporate devices.
• Security tools are too cumbersome, with complicated reports and too many false positive results.
ATA uses identity as the fulcrum for spotting potential attack, with machine learning and behavioural analytics to detect security threats fast. Anderson is proud of the user friendly nature of this on premise new toolset which uses an “easy-to-consume, and simple-to-drill-down, social media-like feed timeline”.
With data security a dominant issue for organisations and increasingly an unavoidable subject for employees with an active CISO, having an accessible toolset is an attractive advance, but one which should be considered hand in hand with educating the workforce to identify and report cyber threats.
Organisations need to be prepared and practice for such an event in order that employees can gain a greater understanding of the commercial fallout – and ensure that personal responsibility is not abrogated, allowing a cyber attack to happen.