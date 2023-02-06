By Microsoft Security

The annual Microsoft Digital Defense Report aggregates security data from organizations and consumers across the cloud, endpoints, and the intelligent edge to create a high-level overview of our threat landscape. With insights derived from 43 trillion daily security signals, companies can use this report to strengthen their cyber defenses against the most pressing threats.

This year, the report is divided into five sections covering trends in cybercrime, nation-state threats, devices and infrastructure, cyber-influence operations, and cyber resiliency. Keep reading for an inside look at section five of the report on cyber resiliency.

Five ways to increase your cyber resilience

Threat actors with geopolitical motivations are escalating their use of offensive cyber operations to destabilize governments and impact global trade operations. As these threats increase and evolve, it’s crucial to build cyber resilience into the fabric of the organization.

Many cyberattacks are successful simply because basic security hygiene has not been followed. In fact, over 80% of security incidents can be traced to a few missing elements that could be addressed through modern security approaches. This includes things like ​​having an insecure configuration of your identity provider, lacking sufficient privilege access and lateral movement controls, failing to implement multifactor authentication (MFA), and more.

If your organization is looking to strengthen its cyber resiliency, we recommend starting with the following essentials:

Enable multifactor authentication (MFA). MFA is a critical and fundamental user access control that all organizations should enable. Coupled with conditional access, MFA can be invaluable in fighting cyber threats.

2. Apply Zero Trust principles. The cornerstone of any resilience plan involves limiting the impact that a cyberattack can have on an organization. When implementing Zero Trust, organizations should focus on explicit verification to ensure users and devices are in a good state before allowing access to resources, least privileged access to restrict movement between sensitive documents, and assumed breach as a means of constantly monitoring your environment for a possible attack.

3. Use modern anti-malware. Implement software to help detect and automatically block attacks and provide insights into security operations. Monitoring insights from threat detection systems is essential to being able to respond to threats in a timely fashion.

4. Keep up to date. Unpatched and out-of-date systems are a key reason many organizations fall victim to an attack. Ensure all systems are kept current including firmware, the operating system, and applications.

5. Protect data. Knowing your important data, where it is located and whether the right systems are implemented is crucial to implementing the appropriate protection.

Download the full Microsoft Digital Defense Report for a closer look at today’s cyber threat landscape and for even more details, check out our recent webinar, “Build cyber resilience by leveraging Microsoft experts' digital defense learnings.”