
Right data and meaningful AI is critical to cybersecurity

by Chris Fisher
May 24, 2021
Photo by Christina Morillo from Pexels


The cloud has changed everything we know about security. With the rapid deployment of the cloud during a global crisis, cyber threats have also continued to evolve, prompting businesses to place greater emphasis on protecting their data and applications.

We have seen several data breaches over the last year and into 2021, such as the Microsoft Exchange Server hack and the Facebook leak which impacted half a billion users.

With the new work-from-home paradigm, the proliferation of data-driven applications, and the advancement of technologies such as artificial intelligence (AI) and Internet of Things (IoT) in the enterprise, cybercriminals too are using more advanced tools and sophisticated methods to attack organisations and breach privacy.

A virtual workplace has also meant that some layers of security are difficult to manage. In efforts to maintain productivity and business continuity, remote workers are now accessing more data and critical business software and systems from networks, and sometimes even devices, that are not managed by their organisation.

As a leader in the productivity space with over 250 million active users, Microsoft Office 365 has also piqued the interest of looming cybercriminals due to the platform’s large audience.

In fact, during a recent global survey of 1,112 security professionals by Vectra AI, results showed how criminals are regularly bypassing security controls including multi-factor authentication (MFA), proving that determined attackers are still able to gain access. User account takeover in Office 365 is the most effective way for an attacker to move laterally inside an organisation’s network.

A new study has now revealed the top 10 threat detections for Microsoft Azure AD and Office 365, representing a large attack surface that businesses need to manage. These include Abnormal Exchange operations, suspicious sharing activity and mail forwarding, O365 external Teams access and unusual eDiscovery search.

According to the study, a number of these threat detections represent activities that provide ease of use, collaboration with external parties, and provisioning of administrative access to the Azure AD environment.

Detecting the “out of the ordinary”

In this landscape, enterprises are coming to realise that increasingly sophisticated attacks are becoming ever harder to identify, defend against and mitigate.

Constantly evolving threats mean that a round-the-clock effort and highly specialised skills are required to bolster enterprise cybersecurity, particularly within a hybrid cloud environment.

It’s for these reasons and more that collecting the right data analytics and having meaningful AI are fast becoming forces of change in cybersecurity strategies.

On a basic level, AI security solutions are programmed to identify “safe” versus “malicious” behaviours by cross-comparing the behaviours of users across an environment to those in a similar environment.

Deploying AI as a core pillar when extracting informative data from a network, both on-prem and off, is critical in obtaining an advantage against malicious threat actors and attacks that can be progressed by abnormal Exchange operations.

For example, attackers with the ability to manipulate Exchange can arbitrarily access information contained in an email and siphon off information by forwarding emails externally. Further, they may also have the ability to trigger the execution of scripts which can help them move laterally.
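To make the external-forwarding case concrete, here is an added illustration (not part of the original article and not any vendor's product) of a simple rule-based check over Exchange Online audit records. The record layout, the sample entries and the `example.com` tenant domain are constructed assumptions; the cmdlet and parameter names are the ones Exchange Online uses for inbox rules and mailbox forwarding.

```python
import json

# Exchange Online cmdlet parameters that set up forwarding or redirection.
FORWARD_PARAMS = {
    "ForwardTo", "RedirectTo", "ForwardAsAttachmentTo",   # New-/Set-InboxRule
    "ForwardingSmtpAddress", "ForwardingAddress",         # Set-Mailbox
}
WATCHED_OPS = {"New-InboxRule", "Set-InboxRule", "Set-Mailbox"}
INTERNAL_DOMAINS = {"example.com"}  # assumption: the tenant's accepted domains

# Constructed sample records, shaped like unified audit log entries (one JSON object per line).
SAMPLE_LOG = """
{"CreationTime":"2021-05-20T02:14:07","Operation":"New-InboxRule","UserId":"alice@example.com","Parameters":[{"Name":"Name","Value":"."},{"Name":"ForwardTo","Value":"smtp:drop@mail.example.net"}]}
{"CreationTime":"2021-05-20T09:30:11","Operation":"Set-Mailbox","UserId":"bob@example.com","Parameters":[{"Name":"ForwardingSmtpAddress","Value":"smtp:bob.assistant@example.com"}]}
{"CreationTime":"2021-05-20T10:02:45","Operation":"New-InboxRule","UserId":"carol@example.com","Parameters":[{"Name":"MoveToFolder","Value":"Newsletters"}]}
{"CreationTime":"2021-05-21T23:51:30","Operation":"Set-Mailbox","UserId":"dave@example.com","Parameters":[{"Name":"ForwardingSmtpAddress","Value":"smtp:dave.backup@example.org"},{"Name":"DeliverToMailboxAndForward","Value":"False"}]}
"""

def extract_addresses(value):
    """Split a parameter value into lower-cased SMTP addresses."""
    out = []
    for part in value.replace(",", ";").split(";"):
        part = part.strip().lower()
        if part.startswith("smtp:"):
            part = part[5:]
        if "@" in part:
            out.append(part)
    return out

def external_forwarding(log_text, internal=INTERNAL_DOMAINS):
    """Return (time, user, operation, address) for each forwarding target outside the tenant."""
    hits = []
    for line in log_text.strip().splitlines():
        rec = json.loads(line)
        if rec.get("Operation") not in WATCHED_OPS:
            continue
        for p in rec.get("Parameters", []):
            if p.get("Name") not in FORWARD_PARAMS:
                continue
            for addr in extract_addresses(p.get("Value", "")):
                # Exact domain match only; subdomains count as external unless listed.
                if addr.rsplit("@", 1)[1] not in internal:
                    hits.append((rec["CreationTime"], rec["UserId"], rec["Operation"], addr))
    return hits

if __name__ == "__main__":
    for hit in external_forwarding(SAMPLE_LOG):
        print(*hit, sep="  ")
```

A static rule like this only covers the known forwarding parameters; the behavioural comparison the article describes is what would surface activity that no fixed rule anticipates.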

When it comes to suspicious operations in an Azure AD environment, businesses that are unable to detect adverse behaviours may suffer privilege escalations or account takeovers that lead to the loss of data or critical cloud services.

Better visibility for better detection

To better protect an organisation from inside and external threats, I’d like to share some best practice tips:

1. Apply a mix of subject matter experts and technology

It’s not enough to just invest in the tools; it also matters to build knowledge and establish stringent governance frameworks.

That’s where vendors with true cybersecurity expertise drive value, helping organisations not only to draw upon the expertise and intelligent, AI-driven detection tools but to also gain deep visibility into security and compliance gaps.

2. Understand your threat landscape

It is imperative that organisations truly understand their new enterprise network. We have seen perimeters of the network vanish during 2020 as organisations have shifted to the cloud; the modern enterprise network is now Datacentre, IaaS, SaaS and PaaS.

It is vital that the enterprise has visibility into all of these networks and is able to track attackers as they pivot through these environments. We must build detection and response capabilities that can shine a light into all these environments and track attacker behaviour as they attempt to move laterally through these environments.

3. Prioritise and respond at speed and scale

Enterprises must not only be able to identify attackers as they pivot through the modern network; they must also have the ability to respond rapidly and in a consistent way across all network stacks, be that IaaS, SaaS, PaaS, or Datacentre.

The only way the enterprise can achieve this is via prioritisation of incidents leveraging AI and automation. This will then ensure that the limited capacity of the SOC will have the best chance to drive down metrics such as mean time to remediation, therefore reducing the impacts of attackers and reducing the risk of a widespread breach.  

Know your threats from inside out

With the scarcity of cybersecurity talent, many organisations struggle with experience shortfalls in their cybersecurity team. Meaningful AI can help close the gap in your Office 365 and Azure AD accounts, so you are equipped with the right data to detect and mitigate suspicious behaviours.

How quickly and effectively an entity identifies attacks and responds to a breach will determine who is secure in the ‘new normal’ and succeeds in this fast-changing time.


Chris Fisher is the Head of Security Engineering for Vectra.ai in the Asia Pacific and Japan Markets. As a leader for the APJ business, Fisher’s key responsibility is to ensure that our customers have the security foundation to embrace new technology and lines of business, allowing them to digitally transform whilst reducing business risk and improving their security posture. Fisher has over 15 years of cybersecurity experience from practitioner through to strategic advisor for large organizations. He has vast experience in SCADA environments working in the mining and energy sectors for several years. Recently he has been helping customers transition to cloud environments securely. He has also worked with organizations on end-to-end security strategies to ensure that cybersecurity is an enabler for the business thus allowing them to take on new innovative services without the risk of compromise.

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl
