Microsoft has announced a set of business security tools, including a phishing attack simulator, that make it easier and more affordable for businesses to identify and fix vulnerabilities before they become an issue.
One of the key tools announced to coincide with the annual RSA conference in San Francisco, is the Attack Simulator. This tool is included in Office 365 Threat Intelligence, and is currently still in preview.
Spear Phishing Simulator
The tool, which simulates display name spear-phishing attacks, password-spray attacks, and brute-force password attacks, enables businesses to determine how end users behave in the event of an attack, and update policies to ensure that appropriate security tools are in place to protect the organization from threats.
A spear-phishing attack, for example, is used to gain access to users' credentials or financial information, and often involves sending emails, purporting to be from a person of influence in an organisation to other users. The Microsoft attack simulator tool applies machine learning models and impersonation detection algorithms to incoming email messages. The AI system is trained to detect phishing messages. It also uses algorithms to protect against various user and domain impersonation attacks.
Intelligent Security Graph
Microsoft credits its ‘Intelligent Security Graph’ as being the ‘central nervous system’ that is at the heart of its tools for tracking and mitigation of attacks across platforms and services. This combines AI with data gained from analysing web pages, emails and malware threats on Windows 10 and the cloud. This enables Microsoft to warn users of existing and new threats.
Only Access SaaS Service If Your Device Is Healthy
Another important development of Office 365’s Conditional Access service is an update (currently in preview) which combines Conditional Access Information with data from the Windows Defender Advanced Threat Protection (ATP) security scanner to ensure that a user can only access a given SaaS service if their device is healthy.
A potentially important new tool that Microsoft has developed for IT admins is an expanded version of the Office 365 Secure Score tool, which gives a single measure for evaluating the risk profile across Office 365 service and their users’ devices.
What Does This Mean For Your Business?
For many businesses e.g. SMEs, up-to-date cyber attack simulators would be beyond their resources. These new tools from Microsoft have been ‘trained’ thanks to AI and real-world analysis via Windows 10, thereby making them an affordable, accessible, and hopefully effective and welcome addition to the security options that businesses have at their disposal.
There is no doubt that human / employee error is at the heart of many successful cyber-attacks. With a phishing attack simulator that allows the creation of a fake phishing email, companies can see, for example, which employees fall for them, and this could serve as a way of identifying who needs extra security extra security training.
The combination of these new tools from Microsoft could provide an effective way that companies of all sizes could take proactive measures to plug gaps in their cyber-security shield, and guard against the kind of breaches that could be expensive and damaging, especially with the introduction of GDPR.