Over the last few years, we’ve all become familiar with Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) – the now standard terminology referring to business models that remove the need for users to maintain or manage their own hardware or software.
Brought about by advances in cloud computing, these models have played a pivotal role in making industry-leading technology available to a much wider range of customers. The trouble is, they’ve also created an opportunity for organised criminal groups to sell their advanced cyber-attack technology to a wider market, too.
A recent report by the UK National Cyber Security Centre, in partnership with the National Crime Agency, describes this new criminal model as “ransomware-as-a-service”. Essentially, pre-developed ransomware tools are being sold into the hands of less technical criminals. Examples include web portals to customise ransomware, communication platforms for negotiating with victims, and access to data leak sites to publish stolen data.
The report highlights the fact that, while businesses have been placing a greater emphasis on attack-preparedness since 2018, criminals have also been refining their business models to maximise payouts. However, the majority of incidents are not, in fact, due to sophisticated attack techniques. Rather, most cybercriminal success is still a result of poor cyber hygiene creating an opportunity for malicious access.
For organisations, this really spotlights the importance of building and maintaining strong cyber defences. Fortunately, while cybercriminals have been developing their new attack methodology, Microsoft has been developing and improving Microsoft Defender for Office 365. The results have been so impressive that Microsoft was officially named a leader in The Forrester Wave: Enterprise Email Security report Q2 2023.
How have Microsoft knocked it out the park this time? It could have something to do with the fact that Microsoft Defender for Office 365 leverages Microsoft’s entire database of 65 trillion security signals gathered across the full spectrum of Microsoft products. As a result, it’s able to detect and mitigate advanced threats from phishing, malware and zero-day exploits with astounding accuracy that leaves many competitor products in the dust.
Defender for Office 365 also actively supports security operations teams in the swift investigation and remediation of security incidents. It includes tools and processes to identify, analyse and respond to incidents efficiently, with automated investigation and remediation features to further boost response times.
Its seamless integration with other Microsoft products means Defender for Office 365 also contributes to a unified Microsoft security perimeter. It can be managed from the same centralised security platform as other Microsoft security solutions, improving coverage, increasing visibility, and reducing complexity while maintaining exceptional performance.
Let’s not forget the role of users in security either. Microsoft Defender for Office 365 certainly doesn’t. In fact, it actively seeks to improve user readiness through innovative training and simulations customised to each organisation’s unique situation.
The simple truth is, Microsoft has invested heavily in their email security offering, and that investment is paying very tangible, risk-reducing dividends for its customers. If your Microsoft 365-based organisation is still paying a premium for 3 rd -party email security apps, it would be remiss of us, at this point, not to recommend a migration.
Need help? Give us a call! We’re experts in Microsoft’s security tools (and in complex migrations) and can offer solid advice on cost-effective email archiving solutions for legacy content as well as ongoing retention requirements.