Enterprise Story | Security & Privacy overview
Transcription
Enterprise Story | Security & Privacy overview
Microsoft Productivity Future Vision THE WORLD HAS CHANGED Security Challenges Change Microsoft Productivity Future Vision 20 15 10 5 INTERNET OF THINGS PC, SMARTPHONE & TABLET 0 2013 2014 GROWTH OF CONNECTED DEVICES BILLIONS OF UNITS 2015 2016 2017 2018 2019 Microsoft Productivity Future Vision 0.16 2006 4.4 44 2013 2020 ZETTABYTES OF DATA 1 ZETTABYTE = 1 B TERABYTES Microsoft Productivity Future Vision “ W H AT I S S C A R C E IN ALL OF THIS ABUNDANCE I S H U M A N AT T E N T I O N ” S AT YA N A D E L L A Microsoft Productivity Future Vision THE SHIFT OLD WORLD Information scarce Static hierarchies Compete to win Individual productivity Focus on planning ahead Efficiency of process NEW WORLD Information abundant Dynamic networks Collaborate to win Collective value creation Experiment, learn and respond Effectiveness of outcomes Microsoft Productivity Future Vision HUMAN ACTIVITY C O L L A B O R AT I V E INTELLIGENT N AT U R A L MOBILE BRINGING PEOPLE TO G E T H E R LIVING SMARTER FRICTION-FREE C R E AT I V I T Y FLUID MOBILITY Microsoft Productivity Future Vision At the Core: Security and Privacy Managing risk in an increasingly connected world “This Nexus of Forces is impacting security in terms of new vulnerabilities. –Ruggero Contu, Christian Canales and Lawrence Pingree. Forecast Overview: Information Security, Worldwide, 2014 Update. Gartner, Inc. June 25, 2014. 205 median # of days attackers are present on a victim network before detection Job security Customer loyalty Security Implications Brand reputation Legal liability Intellectual property $ 3.5M Average cost of a data breach to a company 15 % increase YoY is a CxO level issue Impact of cyber attacks could be as much as $3 trillion in lost productivity and growth 10 Because we are under attack Indiscriminate Consumer Single Vector Manual Desktop Visible Lone Agent Spam Information Theft Targeted Enterprise Target Multi-vector Automated Device and Cloud Concealed Organised Ecosystem Information Theft Process Disruption “The world is changing very fast. Big will not beat small anymore. It will be the fast beating the slow.” Rupert Murdoch Primary targets Public Sector, Information, Financial Services Manufacturing & Retail are the primary targets 63% Percentage of total security incidents in 2014 were directed toward public sector Verizon, “2015 Data Breach Investigations Report” Coordination Collaboration Disruption How do we win? It will take a partnership Government set policies and principles Anti-malware and security ecosystem identify, block, sinkhole Enterprises starve and inform OEMs Vendors security by design CERTs, ISPs & Law Enforcement Large-scale Public Services Cloud Providers, Telco’s Seize, prosecute, takedown identify, block, partner Microsoft Experience and Credentials Today: Cloud First, Mobile First On the road At home In the office On personal devices 24 x 7 collaboration Through social media Elements to a Resilient Infrastructure Management Protect Threat Information Detect Response 18 Resilience against modern Cyberthreats The Hockey Analogy 19 Coaching Management Build the Foundation for Success and Adapt to Changes 20 Goalie Protect Patch, Deploy Newer Products, Apply the SDL 21 Awareness Detect Active Attacks 22 Defense Response Customer, CSS and Cybersecurity Team Threat Information Intelligence 24 Management Protect Detect Response Patch, Deploy Newer Products, Apply the SDL Active Attacks Customer, CSS and Cybersecurity Incident Response Threat Information Overall Resilience of an Organizations IT Infrastructure Overall Internet Resilience (Ecosystem) Security framework: achieving overall resilience Cloud Resilience On-Premises Systems Resilience Trust in your provider that they are protecting their customers and are a global cybersecurity advocate Strong principles and policies that empower you to be in control of your information Privacy Deep Investment in building a trustworthy computing platform and security expertise Compliance Security Risk management Aggressively fight cybercrime and advocate extensively for enhancing cybersecurity Advocacy Transparency Governance Access to a Transparency Center to work directly with source code for certain high-volume products Remote access to online source code for certain high-volume products Technical data about products and services, including about Microsoft’s cloud services Information sharing about threats and vulnerabilities from Microsoft MICROSOFT CONFIDENTIAL Core Investments WINDOWS 10 PROTECTS YOU FROM MODERN SECURITY THREATS Secure Identities Information Protection Threat Resistance MCS Cybersecurity Services Protect Microsoft & Showcase Learnings Remote Security Incident Support On-Site Security Incident Response Advisory Services Security Solutions & Consulting Advanced Tools & Technologies The Microsoft Digital Crimes Unit (DCU) Cybercrime costs consumers $113 billion a year* 1 in 5 small and medium enterprises are targeted by cyber criminals** Every second, 12 people are victims of cybercrime – nearly 400 million every year* 50% of online adults have been victims in the past year Financial Fraud 53% of the world’s securities exchanges were targeted in 2012 Online Child Exploitation The NCMEC has reviewed more than 90 million images and videos of child * 2013 Norton Report pornography.*** ** National Cyber Security Alliance *** National Center for Missing and Exploited Children The Digital Crimes Unit is an international legal and technical team working with partners, to help create a safe digital world, by working on issues such as: • Malicious software crimes • IP crimes • Protecting vulnerable populations The team applies legal and technical expertise to help enhance cloud security and make the digital world safe for everyone. • DCU brings cybercrime experts across the areas of IP crimes, botnets, malware, and child exploitation under one umbrella, so that when focus areas intersect we can work better together to eliminate cyber threats to Microsoft’s businesses, customers, and the entire digital ecosystem. • With cooperation across industry, criminal law enforcement organizations, academia, and NGOs worldwide, DCU aims to put cybercriminals out of business and create a safe online experience for everyone. Key Principles for Security and Transparency It’s your data