Microsoft has brought the power of its cloud-based identity and threat-management solutions to Gartner’s Security and Risk Management Summit 2018, at the InterContinental Hotel, Dubai Festival City.
The two-day event brings together the brightest minds and most seasoned expertise available in today’s cybersecurity industry. Specialists from around the world addressed the war against an ever-fluctuating threat landscape, and offered advice to Middle East organisations on their current security posture.
A recent Microsoft study surveyed nearly 1,000 GCC-based organisations on their knowledge of, and plans for cybersecurity, and covering areas from data protection to authentication. At a time when security professionals were urgently recommending next-generation identity-management techniques such as facial recognition, biometric identification and multi-factor authentication, just over 80% of large Gulf enterprises were still using usernames and passwords as the exclusive means of log-in to corporate networks.
A small minority was using next-generation practices. Just 11% used multi-factor authentication, seven percent reported using fingerprint-scanning, and just under 1% had adopted facial recognition. Additionally, 41% admitted to having clicked on links within unsolicited emails from unknown parties and just over 61 percent of those polled said their organisation did not yet have a data-classification solution in place.
At Microsoft’s invitation, world-renowned ethical hacker Paula Januszkiewicz, gave an address titled “Crouching Admin, Hidden Hacker” on the current most popular techniques used to attack infrastructure, and the best methods for protecting against them.
“Of course, there are some attacks that are effective, and almost always work, in most of the well-managed infrastructures,” said Januszkiewicz. “Cloud services organizations are more attuned to what goes wrong in even the best-configured, on-premises security solutions. Companies like Microsoft and their billions in research allow them to take a more nuanced approach, avoid most of the normal pitfalls and make solutions like single sign-on, service accounts and network sharing really work for customers.”
Microsoft is also running a ‘Hacking Experience’ at the company’s booth during both days of the summit. The opportunity offers delegates a chance to probe their organisations for vulnerabilities in real time and test how protected their business is from the regional threat landscape.
“Microsoft has been extremely active in the region in promoting enhanced security measures,” said Girard Moussa, Security Lead, Microsoft Middle East and Africa. “We believe, our presence at events such as the Gartner Security & Risk Management Summits have raised awareness and sparked discussion on the urgent need for more diligent action and enhanced policies, and we will continue to work with customers, governments and security professionals to ensure organisations can digitally transform in safety and confidence.”
At Gartner’s summit, Microsoft concentrated on showing delegates how the security shortfall can be addressed through the company’s threat protection and identity-management solutions. Microsoft’s vision for cyber security is to innovate for the common defence. The company spends $1 billion annually on cybersecurity R&D; to protect the digital estate of their customers with constant vigilance; through some of the industry’s most trusted practices. With the recent uptake in demand for its trusted cloud services, Microsoft earlier this year announced that it will deliver the secure, flexible and intelligent cloud for its regional customers through two dedicated cloud datacenters, one in Dubai and one in Abu Dhabi; catering specifically to enterprises in the Middle East.
The Microsoft trusted cloud includes Microsoft anti-malware and service architecture that protects against denial-of-service (DoS) attacks. Identity and access management are delivered through Microsoft Identity Manager, which automatically synchronises on-premises Active Directory identities with those of the Azure cloud, to deliver cloud-ready identities. Azure also offers multi-factor authentication and advanced certificate management.