Welcome to the first of a three-part series on enterprise cloud security designed to help organizations orient and rapidly protect against the latest cloud cyber attacks when leveraging Microsoft 365 services.
If you’re reading this, your organization is likely ballooning corporate data at a rate of 50 percent or more year-over-year, per global trends. You may find yourself alarmed by how much sensitive data is ending up in public cloud services such as Exchange, SharePoint, and Teams. With public access comes a host of malicious actors launching attacks from an ever-changing threat landscape. As one of the frontline cyber defenders, you regularly wrestle with the question:
“What is my organization’s cybersecurity posture?”
You have likely read articles covering the tremendous losses tied to subpar cybersecurity, reporting that cyber incidents cause organizations to lose money, data, productivity, and consumer trust annually. Below are some prime examples:
- Companies lose a total of $400 billion in damages from hacking
- Companies lose $3.86 million, on average, per breach
- 1 million new pieces of malware are created each day
- The 2017 Verizon Data Breach Investigations Report states that malware accounts for 51 percent of breaches
Experts on cloud security management recommend assuming that your organization has already been breached. This is not defeatist, but a sobering mentality both critical and indicative of the times in which we live. By assuming the threat has already breached your existing security, you are better equipped to identify vulnerabilities and respond with well-planned contingencies.
There are hundreds of security controls in a cloud tenant, especially when working with Microsoft 365 E3 licensing, and new controls are added regularly to address the latest evolving threats. However, the vast majority of them are off, disabled, or not effective for new tenants, typically to preserve legacy backwards compatibility. With these controls disabled, malicious actors are able to exploit:
- Single factor authentication
- Weak credentials
- MFA fatigue
- Personal device access
- Unsecured endpoints
- Unsafe protocols (SMTP, POP3, IMAP, Basic Auth)
Due diligence to eliminate vulnerabilities, protect against threats, and implement the latest security controls falls squarely on the frontline cyber defenders. A comprehensive understanding of the M365 systems and their security controls is imperative for thorough cloud security management.
Living in the age of subscriptions, we frequently see organizations pay hundreds of thousands of dollars annually for software use and cloud access while benefiting from only 10–20% of the licensed features due to unconfigured workloads. Leaving these cloud security systems unoptimized opens gaping holes in IT infrastructure defense while wasting a significant portion of the subscription fee being paid.
This is especially true of M365 and EMS E3 licensed organizations, whose licenses contain a host of baseline critical security controls as well as amazing potential for cost savings, the key to these being endpoint management automation. This raises another important question for the frontline cyber defender:
“What is my organization’s ROI for licensing investments?”
To help clients see the whole picture, Horizons Consulting has developed both a cloud security rapid assessment and a roadmap design program. Both are heavily focused on identifying security gaps, maximizing existing licensing ROI, and training cyber defenders on the latest features available.
The program can be completed independently or in close collaboration with the client, usually taking two to three days. The deliverables include a security gap presentation and reports as well as (most importantly) a roadmap design that is prioritized to the organization’s most pressing needs.
One key deliverable which measures hundreds of enterprise cloud security best practices and controls is illustrated below. The gray bars represent the initial cybersecurity posture of a real client immediately before they became a victim of a major cyberattack.
As you can imagine, the breach was expensive and a nightmare to journey through for the client. Unfortunately, scores this low are commonplace in our experience, even for clients that have been in the cloud for years. They characterize tenants who have not taken measures to protect themselves beyond the default security controls.
With the proper assessments, these security gaps can be addressed long before they ever become a problem. The orange bars in the figure represent the security score of each client after a posture transformation.
In our next installment in this three-part informational series, we will cover the details of these transformations—and how our cloud security rapid assessment and roadmap design programs helped pave the way for such improvements.
With knowledge of the cybersecurity threat at hand and the typical state of an organization’s cybersecurity posture management, you may now be asking yourself:
“How do I get started with Cloud Security?”
It’s imperative to identify and prioritize a 6-month to 1-year roadmap that strengthens the organization against the ever-changing threat landscape. Let us help you establish or refresh a cybersecurity baseline today. It’s our passion, and we are here for you.
Horizons Consulting specializes in Enterprise Cloud Security, Modern Workplace, Azure, Power Platform, and Mergers & Acquisitions migrations—with over twenty years of experience as a Microsoft Gold Certified Partner. Contact us today for an environment refresh following the latest standards or a quick assessment to feed future roadmaps tailored to your organization’s needs.