Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Microsoft reveals new secret weapon against cybercrime

Microsoft announced a new cybersecurity-based initiative that will allow small businesses and huge enterprises alike to tap into the tech giant’s in-house security services and personnel.

Named Microsoft Security Experts, the program will offer security services in the form of three distinct platforms.

Window's new Microsoft Security Experts program works to protect users from cybercrime using.
Windows

As reported by PCMag, the firm asserted in its announcement post that the current “security landscape has become increasingly challenging and complex for our customers.”

With the pandemic accelerating the growth of individuals’ and businesses’ digital presence more than ever before, it revealed that cybercrime threats have increased “at an alarming rate over the last year”.

In fact, Microsoft provided some statistics to show how dire the situation has become when it comes to digital security. In 2011, the costs associated with cybercrime totaled $3 trillion, while that number increased two-fold to $6 trillion in 2021. By 2025, that figure is forecasted to soar to $10.5 trillion on an annual basis, according to Cybersecurity Ventures.

In 2021 alone, the company said its Microsoft Security service blocked over 9.6 billion malware threats, in addition to detecting and blocking upward of 35.7 billion phishing and other malicious emails.

As for the attacks that evaded security and mitigation systems, the consequences proved to be devastating. In 2021, nearly $7 billion was stolen from individuals due to various cybercrimes — malware and phishing scams as well as others.

Furthermore, more than 35 ransomware strains are actively being monitored by Microsoft Security. The platform is also keeping tabs on 250 unique threat actors “across observed nation-state, ransomware, and criminal activities.”

Its technology allows Microsoft to block more than 900 brute force password theft attempts, which are attempted every single second, so don’t forget to reinforce your passwords.

The importance of adequate security measures pertaining to passwords shouldn’t be understated. We’ve recently seen some of the world’s largest corporations being infiltrated solely due to weak passwords.

Microsoft stressed, however, that technology in and of itself can simply not handle the threat of cybercrime without additional assistance.

“Technology is critical, but it’s the combination of leading technologies, comprehensive threat intelligence, and highly skilled people that makes for a truly effective security posture. The challenge is that in this critical moment when cybersecurity has reached an inflection point, our nation is facing a cybersecurity talent shortage…”

A digital depiction of a laptop being hacked by a hacker.
Digital Trends

Talent is not enough

An interesting statistic was mentioned in the blog post: Nearly one in three security jobs are currently vacant within the U.S. alone. As a result of this state of affairs and the lack of talent needed to fill said positions, the time of detection for a breach has reached an “alarming” 287 days.

Microsoft acknowledged that although talent may be readily available, general access to “highly skilled expertise remains a challenge.”

As such, the technology company is responding to the situation through an expansion of its existing service capabilities via Microsoft Security Experts.

“It’s getting harder every day for organizations to build and maintain a full security team, let alone one with the ever-expanding skillset required to meet the range of today’s security demands.

Security Experts combines expert-trained technology with human-led services to help organizations achieve more secure, compliant, and productive outcomes.

Our vision is to deliver this new category of services across security, compliance, identity, management, and privacy. The first step on that journey is offering new and expanded services for security.

Microsoft is uniquely positioned to help our customers and their partners meet today’s security challenges. We secure devices, identities, apps, and clouds — the fundamental fabric of our customers’ lives — with the full scale of our comprehensive multicloud, multiplatform solutions. Plus, we understand today’s security challenges because we live this fight ourselves every single day.

Now, our world-class security expertise is your security expertise.”

As for the services housed under the newly formed service category, these include three “managed services that can help you scale your team of experts to fit your needs — without the challenges of hiring and training them.”

Three new security services businesses can use

Microsoft Defender Experts for Hunting is for businesses or customers that already have an advanced security system in place, but require further help to actively monitor and combat threats that materialize within Microsoft Defender data (including endpoints), Office 365, cloud applications, and identity.

Microsoft Defender Experts for XDR, meanwhile, has been designed to supply customers with a service that can strengthen and enlarge the capacity of their security operations center.

Finally, ​​Microsoft Security Services for Enterprise has been reserved for the larger businesses that are “looking for more comprehensive, high-touch managed services from Microsoft experts.”

“This comprehensive, expert-led service combines proactive threat hunting and managed XDR, leveraging Microsoft’s complete security information and event management (SIEM) and XDR stack to protect all cloud environments and all platforms.

Dedicated Microsoft security experts manage onboarding, daily interactions, practice modernization, and incident response for you. Microsoft Security Services for Enterprise is sold through a custom statement of work and is available today. Interested enterprise customers should contact their Account Executive to learn more.”

Microsoft has previously brought attention to the lack of interest in the cybersecurity field. It highlighted how there will be 3.5 million vacant cybersecurity jobs by 2025.

As part of its efforts, it hopes to “help close the gap in the profession” by expanding its cybersecurity skills campaign to 23 more countries.

Hacking as a whole is reaching new heights as of late.

For example, cybercriminals have even found ways to target a PC’s power supply and manipulate it to cause a fire inside one’s own home.

Putting that dangerous scenario aside, a study published by Google confirmed that a record number of zero-day exploits, which have been given the distinction of being “one of the most advanced attack methods,” were attempted against leading technology firms, including Apple, Microsoft, and Google itself last year.

Zak Islam
Former Digital Trends Contributor
Zak Islam was a freelance writer at Digital Trends covering the latest news in the technology world, particularly the…
Microsoft has a new way to keep ChatGPT ethical, but will it work?
Bing Chat shown on a laptop.

Microsoft caught a lot of flak when it shut down its artificial intelligence (AI) Ethics & Society team in March 2023. It wasn’t a good look given the near-simultaneous scandals engulfing AI, but the company has just laid out how it intends to keep its future efforts responsible and in check going forward.

In a post on Microsoft’s On the Issues blog, Natasha Crampton -- the Redmond firm’s Chief Responsible AI Officer -- explained that the ethics team was disbanded because “A single team or a single discipline tasked with responsible or ethical AI was not going to meet our objectives.”

Read more
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more