Microsoft and other software and hardware vendors have dedicated significant resources over the last decade to develop more secure solutions for their customers. These efforts were driven by the increasing sophistication of the people attacking information systems. The threat environment has evolved over time and the industry has had to respond to those changes.
This suggests that we need to consider expanding the focus of our security efforts. We need to respond to new pervasive attack methodologies that present themselves as persistent threats to our IT infrastructure and information assets.
Given the possibility that your IT infrastructure is at risk of being breached without your awareness, it could be productive to reevaluate how you prioritize your security solutions and investments. You might want to look at what value could come from devoting more of your resources to detecting and responding to breaches of your high-value assets versus trying to prevent attacks.
Security in a world where we assume a breach may have already taken place without our knowledge leads to a completely different mindset.
This is where Red Teaming becomes quite valuable. Red Teaming is above and beyond compliance accreditations or other industry requirements and provides Microsoft, and our customers, with the additional assurance that Microsoft cloud services are continuously performing security monitoring, testing, and updates to reflect the constantly changing threats that both customers and Microsoft face.
Microsoft conducts wargame exercises and regular Red Teaming to evaluate and improve Microsoft’s Assume Breach readiness. Through the modeling of real-world attacks as well as penetration tests, Microsoft can test its ability to handle attacks, identify gaps in detection and response and focus resources to address those gaps. By practicing security incident response, performing continuous monitoring, forensics and recovery, Microsoft strives to develop the critical capabilities needed to deal with breaches.
Learn more about Microsoft’s approach to assume breach and how Red Teaming is a key component of an assume breach attitude by reading the Microsoft Cloud Read Team white paper.