How Not to Become the Target of the Next Microsoft Hack

The alarming number of cyber threats targeting Microsoft cloud applications shows cybersecurity needs an overhaul.

Ivan Fioravanti, Co-Founder & CTO, CoreView

March 11, 2024



The cybersecurity landscape, particularly within the Microsoft 365 ecosystem, constantly evolves. Recent incidents involving major tech companies and cybersecurity firms highlight a critical reality: Understanding security best practices for Microsoft 365 differs from implementing them effectively.

Kaspersky reports that 2023 saw a 53% increase in cyber threats targeting documents, including Microsoft Office documents, daily. Attackers tended to use riskier strategies, like breaking into systems covertly through backdoors. In one instance, a non-production test account lacking multifactor authentication (2FA/MFA) was exploited, while in another, a backdoor was added to a file, leading to a supply chain attack.

These incidents serve as stark reminders that even low-risk accounts and trusted updates within Microsoft 365 can become vectors for security breaches if they're not adequately protected and monitored. Despite organizations' deep expertise, those targeted organizations fell victim to advanced cyberattacks, emphasizing the crucial need for diligent application of security measures within the Microsoft 365 space.

The Role of AI in Governance

Artificial intelligence (AI) has grown tremendously over the past few years, and it can now be found in almost every facet of technology. In this transformative era of AI and large language models (LLMs), advanced AI models can be leveraged to enhance cloud security measures. AI is more than on its way to becoming standard practice, and organizations have no choice but to embrace it. By fine-tuning AI algorithms for expert domain knowledge, AI can provide organizations with actionable insights and predictive capabilities to proactively identify and address potential security threats before they become an issue. These kinds of proactive strategies empower organizations to safeguard their digital assets effectively.

On the other hand, AI also increases the need for heightened cloud security. Just as the good guys are using AI to advance technology practices, hackers also use AI to uncover new organizational vulnerabilities and develop more sophisticated attacks. Open source LLMs available on the Internet can be leveraged to create and execute very complex attacks and improve red-team and blue-team exercises. Whether being utilized for good or evil, AI plays a significant role in cybersecurity today, and organizations must understand both sides of its implications.

Three Ways to Heighten Your Security

As digital threats become increasingly sophisticated and the ripple effects of a single breach can impact multiple organizations, the need for vigilance, proactive security management, and continuous monitoring within Microsoft 365 is greater than ever.

One way to do this is by checking access control policies everywhere. Orphaned elements can become treasure troves for cybercriminals. For example, a salesperson should be able to access everything sales-related, including email, SharePoint, OneDrive, and more. However, if that person leaves the company and these elements are not monitored, they will often go unattended. The access control policies for elements containing precious data must be routinely checked and updated.

Additionally, it is imperative to review delegations and manage permissions consistently. Delegating authentication credentials is essential to onboarding new programs or employees, but it doesn't stop there. These delegations need to be regularly monitored and reviewed as time progresses. Segregation of duties and deviations is equally essential to ensure that no one individual is granted too much control. Organizations frequently have too many permissions or outdated delegations, which can increase the risk of cybersecurity issues. Companies need to narrow the capabilities of any single operator and limit permissions as much as possible. A strong focus on delegation and segregation of duties will further enhance accountability and transparency.
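An added example, not from the original article or from CoreView: a small Python audit over a constructed inventory that flags the conditions described in the two paragraphs above (resources whose owners have left, delegations held by inactive accounts or overdue for review, and operators holding too many admin roles). The field names, thresholds, and sample data are assumptions for illustration, not a Microsoft 365 export format.

```python
from datetime import date

# Constructed sample inventory; field names are hypothetical, not a Microsoft 365 export.
ACCOUNTS = {
    "alice@example.com": {"enabled": True, "roles": ["Exchange Administrator"]},
    "bob@example.com": {"enabled": False, "roles": []},  # salesperson who left
    "carol@example.com": {"enabled": True, "roles": [
        "Global Administrator", "Exchange Administrator", "SharePoint Administrator"]},
}
RESOURCES = [
    {"name": "Sales SharePoint site", "owners": ["bob@example.com"]},
    {"name": "Sales shared mailbox", "owners": ["alice@example.com", "bob@example.com"]},
]
DELEGATIONS = [
    {"resource": "CEO mailbox", "delegate": "bob@example.com", "last_review": date(2023, 1, 10)},
    {"resource": "HR mailbox", "delegate": "alice@example.com", "last_review": date(2023, 2, 1)},
    {"resource": "Finance mailbox", "delegate": "alice@example.com", "last_review": date(2024, 2, 20)},
]

def is_active(upn):
    """An account counts as active only if it exists and is enabled."""
    acct = ACCOUNTS.get(upn)
    return bool(acct and acct["enabled"])

def audit(today, max_review_age_days=180, max_admin_roles=2):
    """Return (finding, subject) tuples; thresholds are assumed policy values."""
    findings = []
    for res in RESOURCES:
        active = [o for o in res["owners"] if is_active(o)]
        if not active:
            findings.append(("orphaned_resource", res["name"]))   # nobody left to own it
        elif len(active) < len(res["owners"]):
            findings.append(("departed_owner", res["name"]))      # stale owner entry
    for d in DELEGATIONS:
        if not is_active(d["delegate"]):
            findings.append(("delegate_inactive", d["resource"]))
        elif (today - d["last_review"]).days > max_review_age_days:
            findings.append(("review_overdue", d["resource"]))
    for upn, acct in ACCOUNTS.items():
        if acct["enabled"] and len(acct["roles"]) > max_admin_roles:
            findings.append(("excess_roles", upn))                # segregation of duties
    return findings

if __name__ == "__main__":
    for kind, subject in audit(date(2024, 3, 11)):
        print(f"{kind:18} {subject}")
```
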

Maintaining control over your cloud environment is another imperative. Solutions that support cloud governance can help enforce stringent security policies and streamline management processes. If you choose to partner with a cloud governance provider, be selective as your partner will hold the keys to your most precious assets. Security must always be seen as a layered approach; the more layers you add, the better. The key is creating layers that can be effective and balanced to achieve better governance without impacting productivity or processes.

Looking Ahead to a Safer Future

Based on the alarmingly high number of security breaches targeting Microsoft 365, it is clear that the old way of doing things has to change. Gone are the days when simple antivirus software did the job; technology has undergone a complete paradigm shift, and therefore, our defenses need significant overhauls as well.

Implementing stringent security measures, conducting regular audits, and maintaining governance can significantly strengthen an organization's defense against cyber threats. By staying vigilant and proactive, it is possible to mitigate security risks and safeguard critical data assets from potential breaches before they wreak havoc on you or your customers.

About the Author(s)

Ivan Fioravanti

Co-Founder & CTO, CoreView

Ivan Fioravanti, Chief Technology Officer and Co-Founder at CoreView, has over 25 years of experience in Microsoft and IT. Since he started his career as a Linux / MS System Engineer and .NET developer, Ivan has become a highly decorated Microsoft expert and industry thought leader. His experience leading multiple technology teams spans across architecture projects, .NET, Biztalk, SQL, Identity, SharePoint, Azure, Software Factories, Visual Studio, Silverlight, HTML5, JQuery and other Microsoft technologies. Ivan uses his passion for AI, ChatGPT, and large language models (LLMs) to lead CoreView’s research and development efforts and to pioneer AI usage across the organization.
