PowerPoint Presentation · 2 n 6 d 5 a 8 e 5 e 5 l 4 w b0 e b1 w b0 e b0 a 0 e 5 l 8 n 0 d b0 2 e 0...
Transcript of PowerPoint Presentation · 2 n 6 d 5 a 8 e 5 e 5 l 4 w b0 e b1 w b0 e b0 a 0 e 5 l 8 n 0 d b0 2 e 0...
Lig
ht B
lue
R0 G
188 B
242
Gre
en
R16 G
124 B
16
Red
R232 G
17 B
35
Mag
en
taR
180 G
0 B
158
Pu
rple
R92 G
45 B
145
Blu
eR
0 G
120 B
215
Teal
R0 G
130 B
114
Yello
wR
255 G
185 B
0
Ora
ng
eR
216 G
59 B
1
Lig
ht Y
ello
wR
255 G
241 B
0Lig
ht O
ran
ge
R255 G
140 B
0Lig
ht M
ag
en
taR
227 G
0 B
140
Lig
ht P
urp
leR
180 G
160 B
255
Lig
ht T
eal
R0 G
178 B
148
Lig
ht G
reen
R186 G
216 B
10
Dark
Red
R168 G
0 B
0D
ark
Mag
en
ta
R92 G
0 B
92
Dark
Pu
rple
R50 G
20 B
90
Mid
Blu
eR
0 G
24 B
143
Dark
Teal
R0 G
75 B
80
Dark
Gre
en
R0 G
75 B
28
Dark
Blu
eR
0 G
32 B
80
Mid
Gra
yR
115 G
115 B
115
Dark
Gra
yR
80 G
80 B
80
Ric
h B
lack
R0 G
0 B
0
Wh
iteR
255 G
255 B
255
Gra
yR
210 G
210 B
210
Lig
ht G
ray
R230 G
230 B
230
TRADITIONAL APPROACH
Satisfied
CLOUD-ENABLED SECURITY
Gre
ate
r Busi
nes
s V
alu
e
Commodity Resources
Lig
ht B
lue
R0 G
188 B
242
Gre
en
R16 G
124 B
16
Red
R232 G
17 B
35
Mag
en
taR
180 G
0 B
158
Pu
rple
R92 G
45 B
145
Blu
eR
0 G
120 B
215
Teal
R0 G
130 B
114
Yello
wR
255 G
185 B
0
Ora
ng
eR
216 G
59 B
1
Lig
ht Y
ello
wR
255 G
241 B
0Lig
ht O
ran
ge
R255 G
140 B
0Lig
ht M
ag
en
taR
227 G
0 B
140
Lig
ht P
urp
leR
180 G
160 B
255
Lig
ht T
eal
R0 G
178 B
148
Lig
ht G
reen
R186 G
216 B
10
Dark
Red
R168 G
0 B
0D
ark
Mag
en
ta
R92 G
0 B
92
Dark
Pu
rple
R50 G
20 B
90
Mid
Blu
eR
0 G
24 B
143
Dark
Teal
R0 G
75 B
80
Dark
Gre
en
R0 G
75 B
28
Dark
Blu
eR
0 G
32 B
80
Mid
Gra
yR
115 G
115 B
115
Dark
Gra
yR
80 G
80 B
80
Ric
h B
lack
R0 G
0 B
0
Wh
iteR
255 G
255 B
255
Gra
yR
210 G
210 B
210
Lig
ht G
ray
R230 G
230 B
230
Defender Investment:
Defender Return:
• Ruin Attacker ROI • Deters opportunistic
attacks
• Slows or stops determined attacks
Investment: Cost of Attack
Return: Successful Attacks
Security Return
on Investment
(SROI)
Lig
ht B
lue
R0 G
188 B
242
Gre
en
R16 G
124 B
16
Red
R232 G
17 B
35
Mag
en
taR
180 G
0 B
158
Pu
rple
R92 G
45 B
145
Blu
eR
0 G
120 B
215
Teal
R0 G
130 B
114
Yello
wR
255 G
185 B
0
Ora
ng
eR
216 G
59 B
1
Lig
ht Y
ello
wR
255 G
241 B
0Lig
ht O
ran
ge
R255 G
140 B
0Lig
ht M
ag
en
taR
227 G
0 B
140
Lig
ht P
urp
leR
180 G
160 B
255
Lig
ht T
eal
R0 G
178 B
148
Lig
ht G
reen
R186 G
216 B
10
Dark
Red
R168 G
0 B
0D
ark
Mag
en
ta
R92 G
0 B
92
Dark
Pu
rple
R50 G
20 B
90
Mid
Blu
eR
0 G
24 B
143
Dark
Teal
R0 G
75 B
80
Dark
Gre
en
R0 G
75 B
28
Dark
Blu
eR
0 G
32 B
80
Mid
Gra
yR
115 G
115 B
115
Dark
Gra
yR
80 G
80 B
80
Ric
h B
lack
R0 G
0 B
0
Wh
iteR
255 G
255 B
255
Gra
yR
210 G
210 B
210
Lig
ht G
ray
R230 G
230 B
230
RUIN ATTACKER’S ECONOMIC MODEL
BREAK THE KNOWN ATTACK PLAYBOOK
ELIMINATE OTHER ATTACK VECTORS
AGILE RESPONSE AND RECOVERY
Lig
ht B
lue
R0 G
188 B
242
Gre
en
R16 G
124 B
16
Red
R232 G
17 B
35
Mag
en
taR
180 G
0 B
158
Pu
rple
R92 G
45 B
145
Blu
eR
0 G
120 B
215
Teal
R0 G
130 B
114
Yello
wR
255 G
185 B
0
Ora
ng
eR
216 G
59 B
1
Lig
ht Y
ello
wR
255 G
241 B
0Lig
ht O
ran
ge
R255 G
140 B
0Lig
ht M
ag
en
taR
227 G
0 B
140
Lig
ht P
urp
leR
180 G
160 B
255
Lig
ht T
eal
R0 G
178 B
148
Lig
ht G
reen
R186 G
216 B
10
Dark
Red
R168 G
0 B
0D
ark
Mag
en
ta
R92 G
0 B
92
Dark
Pu
rple
R50 G
20 B
90
Mid
Blu
eR
0 G
24 B
143
Dark
Teal
R0 G
75 B
80
Dark
Gre
en
R0 G
75 B
28
Dark
Blu
eR
0 G
32 B
80
Mid
Gra
yR
115 G
115 B
115
Dark
Gra
yR
80 G
80 B
80
Ric
h B
lack
R0 G
0 B
0
Wh
iteR
255 G
255 B
255
Gra
yR
210 G
210 B
210
Lig
ht G
ray
R230 G
230 B
230
Balance and Focus Security investments
Mission Threats
Resilience: Designed to recover quickly
THEN NOW Reliability: Designed not to fail
!
!
!
!
Prevent: Every possible attack Protect, Detect, & Respond along the attack chain
!
!
!
! !
!
Assume
Breach:
SECURITY
THE NEW IMPERATIVE:
OR PRODUCTIVITY
COMMON INITIATIVES • Biometric and Virtual Smart Card Authentication
• Mobile Application Management
• Self Service Password Reset
• Conditional Access to Resources
• …and More
Impossible to forget
Ease of use
Fingerprint and facial recognition
Hardware assurances (VBS)
BIOMETRICS = SECURITY AND PRODUCTIVITY
SECURITY PERIMETER
80%
of employees use non-
approved apps for work
81%
of breaches are caused
by credential theft
73%
of passwords are
duplicates
WHY IDENTITY IS IMPORTANT
Network Perimeter
Office
365
Approved Cloud Services
Unmanaged Devices
Shadow IT Threats Persistent Network protects against
classic attacks…
…but bypassed reliably with • Phishing
• Credential theft
+ Data moving out of the
network
= Critical to build an Identity
security perimeter Identity - Strong Authentication
Access Management – Monitor
and enforce access policies
Threat intelligence integration
into protections and detections
Resources
Identity Perimeter
Who is accessing? What is their role?
Is the account compromised?
Where is the user based? From where is
the user signing in? Is the IP anonymous?
Which app is being accessed?
What is the business impact?
Is the device healthy? Is it managed?
Has it been in a botnet?
What data is being accessed?
Is it classified? Is it allowed off premises?
Unique insights, informed by trillions of
signals. This signal is leveraged across
all of Microsoft’s security services
POWERED BY THE
INTELLIGENT SECURITY
GRAPH
450B monthly
authentications
18+B Bing web pages
scanned 750M+ Azure user accounts
Enterprise security for
90% of Fortune 500
Malware data from Windows
Defender
Shared threat data from partners, researchers and law
Enforcement worldwide
Botnet data from Microsoft Digital
Crimes Unit
1.2B devices scanned
each month
400B emails analyzed
200+ global cloud
consumer and Commercial services
Next-gen analytics built from security
awareness and endpoint data
Enhanced correlation
driven by big data + machine
learning
Enables customer-
focused threat intelligence
Microsoft Secure Productive Enterprise
now Microsoft 365
IF
Privileged user?
Credentials found in public?
Accessing sensitive app?
Unmanaged device?
Malware detected?
IP detected in Botnet?
Impossible travel?
Anonymous client?
High
Medium
Low
User risk
10 TB per day
THEN
Require MFA
Allow access
Deny access
Force password reset ******
Limit access
High
Medium
Low
Session risk
AZURE AD CONDITIONAL ACCESS