Security Hygiene is Still the Number One Priority

Security Hygiene is Still the Number One Priority

Last month we released the Microsoft Digital Defense Report, September 2020 issue. There are many great information in this report, but one thing that caught my attention was the paragraph below on page 10:

"The lack of basic security hygiene in any given ecosystem continues to enable cybercriminals to use well-known vulnerabilities—or new variants of them—to exploit their environments."

The emphasizes in security hygiene is not new, matter of fact is almost a pattern that repeats itself over the last few years. In a presentation that I co-delivered in May at the SANS Cloud Security Summit, I started my talk showing some studies that match the conclusion that was published in our Microsoft Digital Defense Report. The bottom line is: security hygiene is still the number one priority.

Cloud Security Posture Management with Azure Security Center

To address the challenges of security hygiene in a cloud environment, you need a Cloud Security Posture Management (CSPM) platform that can give you clear visibility of the current security posture of your workloads across multiple environments. Once you have that, you will also need to track progress of your security posture enhancement over time. How do you know that you are making progress? To answer this question, Azure Security Center uses Secure Score. I recommend you to watch this episode of the Azure Security Center in the Field with Miri Landau to learn more about the benefits of using Secure Score as your KPI to measure security posture enhancement.

Recently we released some very important updates in the CSPM space, via features that were announced at Ignite, via GitHub automations and blog posts that were published by our team, which includes:

Make sure to review these capabilities and use the ASC User Voice to provide feedback.

Stay safe!

@yuridiogenes





Thom Lembebu

MSc, Cyber Security Analyst

4y

You are right on this quote about the Security Hygiene. I do admit most company decide to move in the cloud because they transfert this security task to most advanced expert like Microsoft. My question is why did this secure score remain a recommendation tool instead of being a mandatory to benefit the Azure cloud service?

Like
Reply

To view or add a comment, sign in

Insights from the community

Others also viewed

Explore topics