NCRCG CyberVersed Podcast: Episode 39 - National Ambassador Focus - Microsoft

The National Cyber Resilience Centre Group (NCRCG), have just released episode 39 of their podcast, 'Cyberversed', speaking to National Ambassadors, Microsoft.

In episode 39, Mandy Haeburn-Little is joined by three members of the Microsoft team: Marc Carney, Director, Security Solutions Group; Gabriela Gradden, EMEA Security Sales Director; and Joseph Boland-Scott, Security Product Manager.

The team began by reflecting on a transformative period for the cyber security landscape, with an increase in ransomware and much more targeted attacks, impacting critical infrastructure and supply chains with the use of sophisticated AI-driven resources.

Mark highlights that Zero Trust frameworks are anticipated to become standard practice which will drive innovation in identity management and authentication solutions, helping to streamline and enable robust capabilities to identify users.

Gabriela talks about Microsoft’s mission statement, ‘Empowering every person and organisation on the planet to achieve more’. She explains how it is more than words and how it actually shapes everything the company does. As an example, she cites the Secure Future Initiative, which was brought about because of the Midnight Visit attack on Microsoft and how this multi-year commitment to how they design, build, test and operate their technology for everyone, starting with Microsoft’s 100,000 employees, all of whom are tasked with putting security first.

Joe points out that as one of the most attacked entities in the world, Microsoft has the challenge of dealing with this and the unique opportunity to learn from these attacks as the threat landscape evolves.

He emphasises that password-related attacks increased tenfold in 2024, highlighting the continued importance of identity protection like multi-factor authentication. He also talks about a need for a change in attitude whereby security is not simply one of the focuses; it must become the central focus for all businesses.

Mark states that Microsoft’s security posture is stronger and more advanced than it’s ever been but warns that the threat environment hasn’t stood still. Attackers are more sophisticated and have better resources, especially with the use of AI and automation. So even though Microsoft has up its game, the threats have matched the pace. So it’s about continuous investment and improving their capabilities and resources, which they are committed to doing in the UK.

Gabriela also touches on the repivoting of attackers; so, as we become more able to deal with sophisticated AI-based attacks, criminals are going back to basics; human, phishing and identity-based attacks are rising, so it is more important than ever to get the basics right and make sure your people trained and are able to identify these threats.

The team also talk about the persistence of attackers and how they are prepared to stay hidden in an organisation’s systems, sometimes for years. He quotes some valuable examples that clearly demonstrate the ongoing need to get the basics right. Patching, training vulnerability management etc. must be priorities.

AI is, of course, a hot topic, and Mandy explores what AI means to the business community. Mark explains the enormous benefits and opportunities offered by AI not only in improving efficiency, productivity and processes but also in the detection of security threats.

They also talk about products like Microsoft Security Copilot that protects organisations at the speed and scale with a generative AI-powered assistant for daily operations in security and IT.

In a broad-ranging conversation, Mandy and the Microsoft team also cover topics like Microsoft’s approach to the democratisation of knowledge, carbon emissions from data centres, and how they decide on areas of focus. Deepfake is also discussed, and how it is becoming much more common and one of the top threats to businesses.

Reporting a live cyber-attack 24/7:

If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress) please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day 7 days a week.

Reporting a cyber-attack which isn’t ongoing:

Please report online to Action Fraud, the UK’s national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need.

Alternatively, you can call Action Fraud on 0300 123 2040 (textphone 0300 123 2050)