The risk landscape for organizations has changed significantly in the past few years. The amount of data captured, copied, and consumed is expected to grow to more than 180 zettabytes through 2025.1 Traditional ways of identifying and mitigating risks don’t always work. Historically, organizations have focused on external threats; however, risks from within the organization can be just as prevalent and harmful. These internal risks include unprotected and ungoverned data, accidental or intentional data oversharing, as well as the risks for failing to meet ever-changing regulations. Not to mention, with more than 300 million people working remotely, data is being created, accessed, shared, and stored outside of the traditional borders of business.
Core to a security team’s mission is protecting the company’s assets, especially its data. Strong data protection requires securing the most sensitive or critical data, preventing that data from leaving the organization, and managing potential risks inside and outside of your environment.
And managing internal risks can be challenging because it requires analyzing millions of daily signals to detect potentially risky user actions that may lead to a data security incident. For example, what confidential files are your users sharing or accessing? Are users sharing sensitive files externally? Are they downloading files to unapproved devices or uploading them to unapproved locations? All the while, you must balance security controls and productivity, and ensure user privacy is built into your program.
To be effective in addressing insider risks, it’s critical that organizations start thinking about how and why they should be implementing a holistic data protection strategy across their entire organization that encompasses people, processes, training, and tools. At Microsoft, we transitioned from a fragmented insider risk management approach to one in which we addressed it holistically by taking a more comprehensive approach, getting more buy-in from organizational leadership, and making sure user privacy is built in from the get-go.
Following our own transition, Microsoft wanted to better understand how organizations are approaching insider risk management, specifically how some of these security and compliance teams were thinking about insider risk management holistically. Today we’re publishing our first Microsoft report specifically addressing insider risk, “Building a Holistic Insider Risk Management program.”
This Microsoft-commissioned report lays out several new insights about how organizations go from a fragmented approach to insider risk management to a holistic one, addressing potential risks from multiple lenses as part of a greater data protection strategy, with cross-leadership buy-in. For example, we found that more than 90 percent of holistic organizations believe privacy controls should be used in the early stages of investigations. Holistic organizations also get more buy-in on their risk programs from other departments, like legal, HR, or compliance teams, which is critical to building a culture of security. Furthermore, they put a greater emphasis on training with 92 percent agreeing that “training and education are vital to proactively address and reduce insider risks,” compared with 50 percent of fragmented organizations.
The report also shares best practices for organizations who endeavor to approach insider risk management more holistically and build a program that fosters trust, empowers users, and makes privacy a priority.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.
“When you get off the train, you might have enough savings to get to a group home and support yourself for a little while, but that usually dries up quickly, and it’s important that help be available as soon as that happens,” says Helena Krajewska, a Polish Humanitarian Action spokesperson who met the Dubohray family in June. “People were applying to us for help without much hope, because they hadn’t received assistance from others, and they were surprised to receive support so quickly from us.
“Technology played a big role in this,” Krajewska says, “because it sped up the process and allowed us to process a lot of applications at the same time.”
Lyubov Volodimirivna Dubohray and her son (Photo by Roman Baluk/Polish Humanitarian Action)
The impact of technology during times of crisis has always been clear and has become even more critical in recent years. Global warming has brought more catastrophic storms and floods affecting hundreds of millions around the world. In just the past few weeks, Microsoft has activated giving campaigns to help those affected by Hurricane Fiona in Puerto Rico and Hurricane Ian in Florida. Disaster response teams are providing technical assistance and resources to organizations in need.
The coronavirus pandemic brought unprecedented global challenges as well, and Microsoft’s disaster response efforts have grown accordingly. The company has honed its processes to make a timely difference in the communities where it operates, not just through software and hardware donations but by harnessing the skills of a vast global workforce made up of people longing to help with their time, talents or money.
“Unfortunately, we’ve had too many opportunities, over the last few years particularly, to build our muscles for disaster response,” says Kate Behncken, who’s been leading Microsoft Philanthropies since 2019 and saw employee giving skyrocket for the COVID-19 and Ukraine response efforts. “The level of energy across the company for the social impact work Microsoft does is at an all-time high. Employees will often say it’s one of the things they value about working at the company, the fact it values both profit and purpose and invests in both.”
The seriousness with which the company takes its role in society — executives often say giving is “in our DNA” due to the influence of Microsoft founder Bill Gates’ philanthropic mother, Mary Gates — is what drew Lena Ryuji there 15 years ago. She now leads philanthropic engagement in Japan, a country that has had to cope with more natural disasters than most, so she keeps the disaster-response team on speed-dial.
Ryuji was working with nonprofits to help the most vulnerable in the aftermath of the 2011 earthquake and tsunami when a Japanese state government official reached out. It was taking days to issue critical reports to the public on the radiation levels after the Fukushima nuclear accident, as inspectors used paper and fax machines to report from dozens of monitoring posts around the country. Within a few hours, Ryuji and her colleagues pulled together a team and had Microsoft engineers working on the problem. When she woke up the next morning, the system was in place with a secure and mobile cloud solution.
Lena Ryuji, right, who leads Microsoft’s philanthropic engagement in Japan, and Tadayuki Nakamura, left, a government official, using the cloud to connect evacuation centers after the Kumamoto earthquake in 2016 (Photo provided by Ryuji)
That experience wasn’t an anomaly, Ryuji says, adding that employees have jumped in to help with mudslides, floods and other emergencies that have taken place every year. And just as Microsoft is helping governments and first-responder organizations prepare ahead of time for disaster relief, it has refined its own methods to be more effective. Each department has assigned individuals who understand how the company and its employees are equipped to help, how to reach the right contacts and how best to work together so it’s not a scramble in the midst of a crisis, Ryuji says.
“I really appreciate that we as Microsoft are also prepared, that we have a process that’s handled centrally and that we are trained on,” she says.
Erich Pfeiffer was working for Microsoft as a principal consultant at the U.S. military’s Ramstein Air Base in Germany last year when the Taliban’s seizure of Afghanistan led to the largest air lift in U.S. history. He watched as a runway was turned into an impromptu tent city to house a steady stream of unexpected refugees.
“I went home late that Friday night and thought, ‘We have a disaster response unit in Microsoft, so I wonder if we can do anything to help,’” Pfeiffer recalls.
By the end of that weekend, he’d gotten a mission approved to help with the Afghanistan evacuation. Work began Monday morning to create a digital system to track and manage housing, food and ration cards, and more for the thousands of refugees suddenly living on the base.
“There were people who had been on planes for 15, 18 hours, just come out of a war zone, and while they’re waiting to be processed they don’t have a bed to sleep in and they’re just sitting on the ground for hours,” Pfeiffer says. “So the faster you can get them processed, the faster you can get them settled down to recuperate.”
Engineers, cybersecurity experts and a whole infrastructure team from northern Germany all rushed in to help, giving up sleep themselves for days, Pfeiffer says. They built an application and set up dozens of consoles that helped track, locate and reunite families amid the mayhem and more than quadrupled the number of refugees getting processed each hour to about 250, only stopping because that was as fast as tents could be set up.
Microsoft employees Michael Vasiloff, Matt Hillman, Erich Pfeiffer and Stephon Westfall helped create tech solutions that moved tired refugees arriving from Afghanistan more quickly to the tents being erected for them at a U.S. military base in Germany. (Photo provided by Pfeiffer)
“We were empowering the people processing them to get these folks moved through to a better place where they could have a better life,” Pfeiffer says. “There isn’t a single one of us who wouldn’t do it all over again. And in fact, we all are. Fast forward to February and every one of us is back at it helping displaced people again, but from Ukraine this time.”
Pfeiffer and his colleagues have harnessed their experience to create volunteer and refugee management systems around Europe, helping Ukrainians find housing, join their host countries’ healthcare systems and more. Depending on the situation, they volunteer their hours or bill Microsoft’s disaster response team as a member of a formal company engagement, Pfeiffer says.
“Everything Microsoft’s disaster response team does — everything — is at zero cost and has to meet one simple criteria: It has to relieve human suffering,” he says.
Beyond the free disaster-response assistance, Microsoft gave $2.5 billion in grants and discounts to more than 300,000 nonprofits last year alone. And the new Microsoft Cloud for Nonprofit provides solutions for activities every charitable organization around the world has to manage — fundraising, program design, volunteer management and the like — so such groups can respond faster and more efficiently, especially during times of crises.
Microsoft also matches employees’ volunteer time and cash donations through the Employee Giving program, which is almost as old as the company itself and has provided $2.49 billion in assistance over the decades.
Click to enlarge or download.
It uses its wide reach to partner with customers as well. Xbox, for example, teamed up with the gaming community to raise millions of dollars for organizations including World Central Kitchen, which has been feeding people all over Ukraine since the day after the first missile hit on Feb. 24. LinkedIn gives grants to nonprofits that help newly settled refugees find jobs that match their skills, and it created a site with tools for displaced people that’s available in seven languages. Microsoft Advertising offers ad grants on channels including Yahoo and MSN. And Bing provides awareness on the home page and directs users to fundraisers and other ways to help.
While the war in Ukraine has dominated news in 2022, there are more displaced people in the world than ever before, with 100 million refugees fleeing wars and natural disasters. Tech companies are uniquely placed to help, especially since technology now touches every aspect of life, says Juan Lavista Ferres, Microsoft’s chief data scientist and the director of the AI for Good Research Lab.
“There are problems that only artificial intelligence can solve, and more than 90% of AI experts work in the tech and financial sectors, not the nonprofits or governments,” Lavista Ferres says. “So we as a company have a responsibility to use our knowledge to help the world.”
Announcing updates to Azure Space, as we work with our growing ecosystem of partners to provide low latency access to the cloud from anywhere.
I’m here in beautiful Paris for the 25th annual World Satellite Business Week. Moments ago, I participated in a fireside chat with Pacome Revillon , CEO, Euroconsult, in which I unveiled our latest Azure Space developments to enable digital resiliency and empower the space industry. First up, Azure Orbital Cloud Access is now available in private preview for Azure Government customers. Using a prioritized network provided by SpaceX’s Starlink connectivity and Azure Edge devices, customers get low-latency access to the cloud from anywhere on the planet that Starlink operates. This technology helped us enable new scenarios for customers, including the Wildland Fire Information Technology (WFIT) group at the National Interagency Fire Center (NIFC). Working with them, we conducted a test of our Azure Orbital Cloud Access capabilities with the goal of equipping firefighters with uninterrupted connectivity in remote locations to their wildfire response management solution in Microsoft Teams and SharePoint. We also partnered with Pegatron and SES Satellites to explore a scenario that brings together the power of 5G and space in natural disaster scenarios that may compromise communications infrastructure to equip the Hsinchu City Fire Department in Taiwan with connectivity resiliency. Next, alongside our partner network that includes KSAT – Kongsberg Satellite Services, our fully managed Ground Station as-a-Service, Azure Orbital Ground Station, is now generally available to all customers. This gives customers such as Pixxel, Muon Space, and Loft Orbital the ability to operate their satellites with Azure while reducing costs and ensuring data is available in their Azure tenant for further processing.
Lastly, we are continuing digital transformation efforts by creating elasticity and minimizing costs for satellite operators thanks to our virtualized satellite communication networks and expanded updates from ST Engineering iDirect and SES. You can read the full details with the latest news in my Azure blog post: https://lnkd.in/gZQ9GjH5. #WSBW#AzureSpace#MicrosoftAzure#5G#Space#Satellite
Microsoft is also working with First Women’s Bank to develop new learning, networking and business development opportunities for the entrepreneurs through the WIT Network andCloud Acceleratorprograms.
Aisha and Ruth Miller each brought their own unique skills and aspirations to their business, which officially opened on June 5. Born and raised on the south side of Chicago, Ruth Miller worked as an educator and principal prior to becoming an entrepreneur.
She’d always longed for more autonomy. When she retired, she originally aspired to open a daycare or school, but learning about Tropical Smoothie Café’s business model — and her love for the food and drinks the stores serve — convinced her to start a franchise with her daughter.
She even carried her passion for child education into her new business venture: She plans to incorporate various initiatives, including reading incentive programs, for the kids who attend neighboring schools.
“I kind of felt that maybe if I had my own business,” she says, “then I can do things my way.”
Aisha and Ruth Miller share a laugh behind the counter of their new business. (Photo by John Brecher)
Aisha Miller studied business administration at Howard University, earned her MBA from the University of Michigan and now works full-time as a technology and digital transformation consultant. At the café — nestled between other shops on Cicero Avenue in Burbank, Illinois — she focuses on the marketing and strategy of the franchise while her mother handles the day-to-day operations.
“I think we work really well together,” she says. “I think the older you get, your relationship with your mother evolves so it’s less mother-daughter and more like, I don’t know, two best friends doing a business venture together.”
Neither had ever owned a business, so when they decided to make the leap, they liked the idea that First Women’s Bank’s was the first commercial bank in the U.S. that was founded, owned and led by women with a mission to help other women succeed. They say they also found the support they needed there.
“Being the first in our family and the first of my friends to do anything like this, it was kind of important to go with them because they are also the first — it felt historic in that way,” reflects Aisha Miller. “They wanted to know about us, like who were we as business owners? What was our vision? They just felt invested in us as people, and invested in our dream.”
Now the Millers are creating their own impact in the community. They have hired 28 part-time employees, a racially diverse group including many high school and college students.
COVID-19 brought a variety of challenges to the US population. One of the most significant was reaching underprivileged, underserved, and undocumented communities for COVID-19 testing and vaccinations.
The California Health Medical Reserve Corps (CHMRC) is an authorized medical reserve corps that works to close gaps in care delivery between healthcare, public health, response organizations, payers, and community-based health organizations. With the power of Microsoft technology, CHMRC and non-profit organizations were able to deliver COVID-19 testing and vaccines to those in need at an unprecedented rate. In October 2022, the Microsoft team will join CHMRC at the 2022 ISM Annual Conference & Expo to discuss this topic, and much more.
Engaging with all residents
Rapidly changing federal, state, and local guidance and protocols for face-masking, social distancing, working remotely, and vaccination requirements meant that significant groups of the state’s population lacked the means or ability to comply. Identifying and addressing the real needs of underserved populations was especially challenging, necessitating innovative collaborations at the intersection of healthcare, public health, and community organizations. Engaging these residents required flexible, scalable, and secure information sharing and cooperation among a variety of agencies and health entities.
For instance, rapid drive-through mass testing and vaccination sites were created to quickly provide services to residents where it was needed most. There was also a need to provide support to those communities who may be hesitant, untrusting, or hard-to-reach.
“Trust is hard to build, and even harder to maintain and grow. Our population speaks many languages, have limited digital skills, lack cell phone, and internet access, and fear and distrust government and large institutions. Through the Microsoft solution, CHMRC was able to capture data, provide continuity of care, and enable these sites with supportive and necessary technology. Partnering with Microsoft enabled CHMRC to not only garner trust and be accountable to those most in need, but we are also now engaged with those communities and the organizations they trust on an ongoing basis.”—Dan Desmond, CHMRC Executive Director, MRC Director.
As the pandemic grew, California, like many other states and territories, faced a nearly insurmountable challenge with multiple regional immunization registries, reporting systems that had supported small outbreaks hit with millions of test results, and the digital divide between healthcare and public health requiring most case reports to be faxed and entered manually.
“CHMRC faced three challenges that the ‘technology first’ approach was not addressing: Privacy of individual information, support in rural locations with limited connectivity, and flexibility to adapt on the fly to meet community needs. Microsoft worked with us to quickly bring technology enabled care to those that needed it, rather than forcing them to come to large mass-vaccination sites.”—Dan Desmond, CHMRC Executive Director, MRC Director.
Responding at unprecedented speed
Because it was at the center of the crisis, CHMRC grasped the importance of data-coordination and feedback-sharing. It worked with state and local public health agencies to ensure that its new solution, Vaccines for All (V4A), addressed the gaps and took advantage of systems already in place.
“When COVID started, we realized that all the advanced technology and systems lacked the flexibility to adapt to the situation. Microsoft 365 E5 gave us the power, security, and flexibility to solve this challenge. Now, almost every feature in Microsoft 365 E5 has been used as we move beyond the pandemic to build stronger, healthier, and more resilient communities.”—Dan Desmond, CHMRC Executive Director, MRC Director.
The first phase of the V4A project was to improve inter-agency collaboration, boost COVID-19 test collection, distribute more rapid tests, and deliver education in non-clinical settings such as farms, churches, community centers, parks, and schools. Critical to the project was the ability to securely collect personal information and make it usable for legacy healthcare and public health systems.
The first phase of V4A successfully connected multiple systems and, with the help of Microsoft Azure Active Directory, set the stage for the second phase. The second phase benefited from several weeks of planning and preparation as access to COVID-19 vaccinations expanded beyond healthcare workers and those at critical risk. Meanwhile, COVID-19 testing needs expanded as a requirement or vaccination alternative to resume work or attend events.
The three key components of V4A Phase Two were:
Enhance Microsoft Vaccine Management (MVM) to support walk-up and ad-hoc vaccinations in addition to the existing capabilities for mass vaccination sites.
Integrate MVM with the existing solution platform and quickly extend it to include a multi-language call center providing online support, registration to those without the capability, and identifying other needs such as scheduling transportation and providing clear, consistent messaging for public health to community partners.
CHMRC participation in Vaccine Equity Consortium (VEC) started by Microsoft together with Easter Seals, United Way Worldwide, and other partners.
Moving forward
The value of the Vaccine Equity Initiative cannot be understated as it has brought lessons learned and best practices from across the country that helped to quickly expand and enhance the V4A Project. Other communities in California, Washington, Georgia, and Mississippi provided advice and valuable insights to CHMRC and the VEC. CHMRC, through the Vaccine Equity Consortium, is working now to make this technology platform available globally.
Today, V4A is entering its third phase: COVID Catch-Up. This phase expands healthcare services to include Medicaid enrollment, wellness checks, past-due vaccinations, and more.
Join us at the 2022 ISM Annual Conference & Expo
We invite you to attend the upcoming session on how technology enables health equity at the 2022 ISM Annual Conference & Expo. You will hear directly from CHMRC and Microsoft about how technology helps deliver essential health services to underserved, vulnerable, and disadvantaged populations. We’ll also demonstrate how the VEC public-private partnership model may serve as an operational model for addressing global healthcare disparities.
FARMINGTON, Wash. – The gently rolling hills here in eastern Washington have long grown rich harvests of wheat, barley and lentils.
Fifth-generation farmer Andrew Nelson is adding a new bumper crop to that bounty: Data.
He gathers it from sensors in the soil, drones in the sky and satellites in space. They feed Nelson information about his farm at distinct points, every day, all year long — temperature variations, soil moisture and nutrient levels, plant health and more.
Nelson in turn feeds that data into Project FarmVibes, a new suite of farm-focused technologies from Microsoft Research. Starting today, Microsoft will open source these tools so researchers and data scientists — and the rare farmer like Nelson, who is also a software engineer — can build upon them to turn agricultural data into action that can help boost yields and cut costs.
The first open-source release is FarmVibes.AI. It is a sample set of algorithms aimed at inspiring the research and data science community to advance data-driven agriculture. Nelson is using this AI-powered toolkit to help guide decisions at every phase of farming, from before seeds go into the ground until well after harvest.
FarmVibes.AI algorithms, which run on Microsoft Azure, predict the ideal amounts of fertilizer and herbicide Nelson should use and where to apply them; forecast temperatures and wind speeds across his fields, informing when and where he plants and sprays; determine the ideal depth to plant seeds based on soil moisture; and tell him how different crops and practices can keep carbon sequestered in his soil.
Andrew Nelson studies a FarmVibes.AI image identifying grass weeds in one of his fields. It was created from multispectral drone imagery and will inform Nelson’s treatment decisions later this fall. (Photo: Dan DeLong for Microsoft)
“Project FarmVibes is allowing us to build the farm of the future,” said Nelson, who has partnered with Microsoft Research to turn his 7,500 acres into a proving ground for Project FarmVibes. “We’re showcasing the impact technology and AI can have in agriculture. For me, Project FarmVibes is saving a lot in time, it’s saving a lot in costs and it’s helping us control any issues we have on the farm.”
The new tools sprouted from Microsoft’s work with large customers like Land O’ Lakes and Bayer to integrate and analyze data. Project FarmVibes reflects more recent research in precision and sustainable agriculture.
By open sourcing its latest research tools, Microsoft wants to spread them far beyond Washington to help tackle the world’s urgent food problem, said Ranveer Chandra, managing director of Research for Industry.
By 2050, we’ll need to roughly double global food production to feed the planet, Chandra said. But as climate change accelerates, water levels drop and arable lands vanish, doing that sustainably will be a huge challenge.
“We believe one of the most promising approaches to address this problem is data-driven agriculture,” he said.
TwitchCon returns to the San Diego Convention Center this weekend for the first time since 2019, and for those of you planning to attend, we hope to see you in person at Hall D, Booth 3033.
Meet Grounded’s Broodmother
Arachnophobes be on guard — Obsidian Entertainment will be giving TwitchCon attendees an opportunity to meet the (larger than) life-sized Broodmother spider to snap a selfie with and escape intact. If you haven’t had a chance to experience Grounded’s 1.0 update yet, you’ll find demo stations running, and you can meet members of Obsidian’s community team.
Creators Welcome
For Twitch Affiliates and Partners in attendance, we’d love to meet you! The Xbox Creator team will be set up at the booth during show floor hours all weekend; drop by and set up an appointment to meet the team.
Streaming Schedule
Even if you won’t be in San Diego this weekend, the Xbox Stream Team has a full slate of livestreams for you to enjoy. Meg and Mav will be joined by several of your favorite Twitch creators throughout the weekend, broadcasting some of their favorite new games (including an early look at Scorn) on the Xbox Twitch channel. The streams are scheduled to kick off on Saturday and Sunday, October 8 and 9, 2022 at 10 a.m. PT, tune in to watch at twitch.tv/xbox.
How to Find Us
The PC Game Pass booth is set up in Hall D, at Booth 3033; that’s right next to the Loot Cave.
Join us at 9 a.m. PT on Wednesday, Oct. 12, to learn about the latest products and updates designed to help customers, partners and developers do more with Microsoft technologies.
What’s new: strengthening of compliance and risk assurance capabilities, enhanced customer experience capabilities, and expansion into new markets
As we continue to expand our Microsoft Cloud for Financial Services offering, we are excited to share our latest updates including new features in general availability and in preview, as well as expanded availability in select new markets. Our goal is to equip every financial organization with the digital capability required to succeed in today’s challenging economic and regulatory environments. We remain committed to helping our financial services customers improve time-to-value, reduce costs, increase agility, accelerate innovation for sustainable growth, and create deeper customer connections.
According to IDC1, 44.6 percent of financial services respondents consider driving more revenue-generating activities the most critical technology initiative for their organizations, while 41.1 percent are focused on delivering digital services faster and accelerating the shift to the cloud. In this context, delivering technology that speeds time-to-value and improves customer outcomes is vital—and this is exactly where Microsoft Cloud for Financial Services and its latest updates can offer compelling business value.
Compliance Program for Microsoft Cloud: Supporting customers in their compliance needs
Moving to the cloud creates incredible opportunity for our customers in any industry, but for the financial services industry, meeting regulatory requirements is foundational.
At Microsoft, we understand that it is essential to meet or exceed those requirements. We have innovated in this space and are leading the technology industry with our unique compliance program that helps customers navigate the complexities of meeting regulatory requirements around the globe. We are now offering the full value of the Compliance Program for Microsoft Cloud as a part of Microsoft Cloud for Financial Services. This will provide our customers with white glove support for their risk, audit, and compliance teams. It includes four key features:
Ask an Expert: Directly engage with Microsoft’s subject matter experts to address top-of-mind compliance concerns as well as accelerate regulatory assessment and approval cycles.
Risk and Control Mapping: Get support from Microsoft with cloud risk assessments to help you meet your due diligence needs.
Compliance Community: Learn about the latest regulatory compliance developments directly from Microsoft experts, industry peers, and thought leaders via ongoing virtual sessions, summits, and webcasts.
Proactive Risk Assurance: Receive proactive communication from Microsoft’s experts on external audit results, ongoing updates of Microsoft’s cloud estate, and changing regulatory compliance requirements.
Now generally available: Intelligent appointments
Customers today expect more when it comes to convenience and simplicity in engaging with their financial institutions. The key to addressing these expectations and delivering great customer experiences is in continuous improvement of financial services offerings that better connect people, processes, and systems. In our latest release of Microsoft Cloud for Financial Services, and based on customer feedback, we have focused on continued improvements to the banking customer engagement capability to deliver differentiated customer experiences.
One key challenge for many customers is in finding the right person with the right expertise at the right time, easily and conveniently. Intelligent appointments, now generally available, is a new feature of banking customer engagement that offers customers a self-scheduling meeting experience, on the customers’ preferred channels. It easily and quickly matches customer financial product inquiries with banking experts. Customers can find contacts with the relevant skills and availability for virtual or in-person appointments.
In preview: Increased investments across verticals
For all organizations regardless of industry, the key to success in the digital era lies in the data: how to store it, secure it, combine it, and harness it. By migrating to the cloud and taking advantage of common data models, financial institutions especially are better able to put their data to work, apply intelligence, extract insights, derive new business models, and deliver better, more differentiated customer experiences through modernized applications that drive new growth.
To that end, we are pleased to highlight a set of new features we are releasing for preview (the United States and the United Kingdom only) that help our financial services customers put data to work and demonstrate our commitment to making Microsoft Cloud for Financial Services more relevant and useful to the whole industry. They include:
Onboarding application (retail banking and other verticals): Delivers a flexible and intelligent product onboarding experience with automated document workflows enriched by AI analysis to assist the document verification process.
Unified client profile (wealth management): Helps deepen client relationships with meaningful advice, providing relationship managers with a good understanding of a client’s financial status, investment portfolios, financial goals, important life moments, and other personal attributes.
Property and casualty insurance data model (insurance): A dedicated property and casualty insurance data model captures new attributes including policy and coverage information, claims, and insurance providers and producers.
Wealth management data model (wealth management): An extension to the banking data model that captures new attributes including financial goals and investment instruments specific to wealth management.
Small business data model extension (retail banking SMB): Extends the data model foundation of Microsoft Cloud for Financial Services to represent individuals and allows linking small businesses to individual financial holdings.
Update on our partner ecosystem
Our partner ecosystem has been a key component to the success and scalability of Microsoft Cloud for Financial Services. Our partners are dedicated to better serving customers by helping provide more integrated solutions that reduce risk across the ecosystem, identify new opportunities for innovation, and decrease time to market.
For this release, we are also pleased to announce new solutions and offerings from leading systems integrators (SIs) like Accenture/Avanade and PWC and independent software vendors (ISVs) like ArganoArbela, ASC, Bambu, BioCatch, Mambu, Thought Machine, and Wealth Dynamix to extend our capabilities. We’ve partnered with these organizations to publish solutions that deliver a differentiated customer experience, empower employees, and manage enterprise risk with solutions built on our offering.
New markets and languages
This month, in our continued efforts to support customers around the globe, we are expanding the international availability of Microsoft Cloud for Financial Services to include Brazil, Singapore, and the special administrative region of Hong Kong. Available languages now include Brazilian Portuguese and traditional Chinese. We plan to continue to expand our cloud presence in many more markets and languages in the months to come.
Learn more
To learn more and stay informed:
1IDC’s Worldwide CEO Survey, 2022: Industry Perspectives, Doc # US49613122, August 2022.
October is Cybersecurity Awareness Month, and I’m excited about what Microsoft and our partners in the industry have planned to help everyone stay #CyberSmart. 2022 may have offered some respite from the previous year’s rush to enable a remote and hybrid workforce, but the increased use of personal devices also left security professionals with even more endpoints to manage and secure. As illustrated by breaches like the March 2022 attack on Shields Health Care Group1 that impacted two million people and the April ransomware attack that became a national emergency for the Costa Rican government,2 we all need to be cyber defenders to protect what matters.
Technology can only do so much; it’s people who remain our greatest strength. That’s why Microsoft is taking this opportunity during Cybersecurity Awareness Month to help security professionals educate their employees on fundamentals highlighted by the National Cybersecurity Alliance, such as protecting their identities, updating their software and devices, and not falling prey to phishing schemes.3 Be sure to explore the resources and skilling opportunities in our Cybersecurity Awareness Month website, such as the #BeCyberSmart education kit with assets to help people to protect their data both at work and at home.
People have become the primary attack vector for cyber attackers around the world, so humans rather than technology now represent the greatest risk to organizations.
In today’s boundaryless workplace, comprehensive security is essential. That kind of 360-degree protection requires education and awareness to safeguard identities, data, and devices. Awareness programs help enable security teams to effectively manage their human risk by changing how people think about cybersecurity and helping them practice secure behaviors. The SANS 2022 Security Awareness Report analyzed data from more than a thousand security professionals from around the world to identify how organizations are managing their human risk. The report found that more than 69 percent of security awareness professionals are part-time, meaning that they spend less than half their time on security awareness.
According to the SANS report, cybersecurity awareness professionals should endeavor to:
Engage leadership by focusing on terms that resonate with them and demonstrate support for their strategic priorities. “Don’t talk about what you are doing, talk about why you are doing it.”
Consider having a 10-to-1 ratio of technical security professionals to human-focused security professionals.
Partner with other departments in the organization—such as communications, human resources, and business operations—to help engage and communicate with your workforce.
Make the training simple to understand and follow. “Just like working out—it’s the frequency that’s important.” And dedicate time to collecting information about the impact of your awareness programs.
It’s up to each of us to #BeCyberSmart
In 2022, the most common causes of cyberattacks are still malware (22 percent) and phishing (20 percent).4 Even with the rise of ransomware as a service (RaaS) and other sophisticated tools, human beings remain the most reliable, low-cost attack vector for cybercriminals worldwide. For that reason, it’s vital that we all stay informed about how to prevent breaches and defend ourselves, both at work and at home.
Here are some basic steps we can all take to #BeCyberSmart:
Phishing: Deceptive emails, phony websites, fake text messages—these kinds of phishing scams accounted for 30 percent of attacks in 2021.5 During Terranova’s annual Gone Phishing Tournament last year, 19.8 percent of participants clicked on the phishing email link, while 14.4 percent downloaded the fake document.6 So, how can we avoid taking the bait?
Check the sender’s email address for verifiable contact information. Common phishing tip-offs include a misspelled or unrelated sender address. If in doubt, do not reply. Instead, create a new email to respond.
Don’t click on links or open email attachments unless you have verified the sender.
Devices and software: Unpatched, out-of-date devices and software are a leading access point for cybercriminals. That’s why practicing good cyber hygiene is so important for avoiding destructive malware that can steal users’ personal information. To help keep your devices safe:
Enable the lock feature on all your mobile devices.
Run antivirus software and install system updates immediately.
Scams: Criminals will often contact you seeking to “fix” a nonexistent problem. The email or text message will contain a sense of urgency, such as “Act now to avoid having your account locked!” If you see this type of message, do not click the link. And remember to always report any suspected scam so the organization can take action. A few tips to remember:
Be skeptical of unsolicited tech support calls or error messages requesting urgent action.
Do not follow any prompts to download software from any third-party website.
When in doubt, open a separate browser page and go directly to the company’s webpage.
Passwords: Passwords are our first line of defense against unauthorized access to accounts, devices, and files. However, the average person now has more than 150 online accounts; password fatigue is always a danger. Some tips on how to protect your passwords include:
Fostering a more diverse cybersecurity workforce
As of April 2022, there are more than 700,000 vacant cybersecurity positions in the United States, with a predicted 3.5 million cybersecurity positions going unfilled worldwide by 2025.7 That’s why Microsoft continues to reach out to students, veterans, people re-entering the workforce—anyone with an interest in becoming a cybersecurity defender. This year for Cybersecurity Awareness Month, we’re also acting on Microsoft’s initiatives to increase cybersecurity education access and help close the workforce gap. In partnership with the Last Mile Education Fund, Microsoft aims to reach at least 25,000 students by 2025 with scholarships and additional resources related to cybersecurity pathways.
On October 7, 2022, we’re again hosting the Microsoft Student Summit, a virtual skills event designed to inspire higher education students toward a career in tech. This one-day event offers students the opportunity to engage with the Microsoft student developer community, hopefully providing inspiration and stoking a passion for innovation. We’re also continuing to help students move into real-world employment by offering learning sessions aligned to Microsoft certifications for security, compliance, and identity. Eligible students can take up to eight fundamental certification exams for free this academic year.
Helping to create the next generation of cybersecurity defenders is critically important, and we want to make sure the doors are open to everyone. That’s why we’re continuing our partnership with Girl Security, helping to empower adolescent girls, women, and gender minorities by demystifying cybersecurity and developing the in-demand skills needed for employment. Microsoft is also partnering with other organizations to leverage the message from this moment in October 2022 to bring more women to the industry, with a Community College Pathways to Cybersecurity Success webinar with Women in Cybersecurity (WiCys) and a virtual event with the Executive Women’s Forum focused on cybersecurity careers at Microsoft.
Cybersecurity Awareness Month is a special time for us as we collectively come together—industry, academia, and government—to promote the importance of a secure online environment. We know that cybercriminals are persistent and driven, working all day, every day with no days off. That’s why we need to work together on awareness and education year-round and build a culture of cyber defenders. Please continue to visit our cybersecurity awareness and education website to learn more about cybersecurity education programs from Microsoft, and get our new cybersecurity education kit to use in your organization. Everyone has a role to play in cybersecurity, and when we learn together, we are more secure together.
Learn more
Explore our best practices and educational resources with our Cybersecurity Awareness website.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.
