Security first: A call for innovation
Microsoft Partner Network
This blog post for developers and other independent software vendors (ISVs) shares the latest cybercrime data in Canada and market opportunity for developing security products and services to meet the growing demand. I include resources on developing security intellectual property and several case studies of Microsoft partners driving security innovation.
As our economy continues its digital transformation, cybersecurity clearly represents a growing cause for concern, action, and opportunity. Companies want and expect their solution-providers to offer security and privacy technologies built-into every product and service, including software and devices.
“Cybercrime is the most common cyber threat that Canadians and Canadian organizations are likely to encounter.” – Canadian Centre for Cyber Security
Cybercrimes are a growing cause for concern in Canada. The “National Cyber Threat Assessment 2020“ includes these key judgements:
- Cybercrimes, like online fraud and attempts to steal data, represent the biggest threat to Canadians
- The number of threat actors continues to rise and so too does the sophistication of their attacks
- Ransomware will continue to target large enterprises and critical infrastructure providers
Canadian businesses spend on security
Most Canadian decision-makers understand the risks and already invest significantly to improve their resilience and security. Even before the pandemic, StatsCan reports that Canadian businesses spent CAD $7 billion on cybersecurity in 2019. In that same year, how much they spent varied by organization size. On average, in 2019:
- Large businesses invested CAD $699,000
- Medium-sized businesses invested CAD $74,000
- Small businesses spent invested $11,000
Whether you build or buy packaged solutions, keep security top of mind.
Accelerate your security development journey by adopting the Security Development Lifecycle (SDL), a set of practices supporting security assurance and compliance. The SDL helps developers build more secure software by reducing the number and severity of vulnerabilities in software, while reducing development cost.
12 security development lifecycle practices
- Provide training
- Define security requirements
- Define metrics and compliance reporting
- Perform threat modeling
- Establish design requirements
- Define and use cryptography standards
- Manage the security risk of using third-party components
- Use approved tools
- Perform static analysis security testing (SAST)
- Perform dynamic analysis security testing (DAST)
- Perform penetration testing
- Establish a standard incident response process
Visit Microsoft’s SDL website for a complete description of each practice plus useful links to related Microsoft developer resources.
The security partner playbook
Microsoft offers partners comprehensive business guides focused on the most in-demand market areas, including cybersecurity. Learn how to develop and deploy comprehensive security offers – across Microsoft Azure and Microsoft 365 you can become a trusted advisor for your customers to help them protect sensitive systems and data from an ever-evolving threat landscape. Discover how to get your practice/project off the ground, maximize efficiency, and fuel growth by downloading the Security Partner playbook and Security Practice Development Playbook
Get briefed on Azure Sentinel
Does your application integrate/leverage Azure Sentinel? This scalable, cloud-native, security information event management and security automated response solution provides enterprises with a bird’s eye view of their security operations. Visit Microsoft Tech Community Azure Sentinel blog to find out more about this powerful platform.
By providing a single solution for alert detection, threat visibility, proactive hunting, and threat response—Azure Sentinel helps enterprises gain more security peace of mind.
Microsoft partner security innovation
These partners have earned multiple awards and attracted national and international customers through security-driven innovation.
- Bulletproof has two decades in the security business, protecting its clients’ privacy and data. The company’s footprint now includes users on six continents trusting Bulletproof to secure their identities, networks, data, and devices. Named Partner of the Year | Modern Workplace by Microsoft Canada in 2019 and 2020, Bulletproof is proud to be a Microsoft Gold Partner with twelve gold competencies and a member of the Microsoft Intelligent Security Association.
- Check Point is a leading provider of cybersecurity solutions to governments and global corporations. Their solutions protect customers from 5th generation cyberattacks, achieving an industry-leading catch rate of malware, ransomware, and other attacks. Check Point protects over 100,000 organizations of all sizes. Check Point’s solutions are tightly integrated with Azure solutions to enable customers to get the most out of their Check Point and Microsoft investments when running in the cloud.
- Based in Victoria, BC, HYAS is the world’s leading authority on cyber adversary infrastructure and communication to that infrastructure. HYAS leverages that knowledge to help organizations understand and block threats through integrations with Microsoft Azure Sentinel and Microsoft Defender for Endpoint.
- Based in Vancouver, D3 Security enables organizations to fully leverage automation and orchestration in their security operations, from event triage through incident remediation and threat hunting. Their NextGen SOAR security operations platform helps global enterprises, MSSPs, and MDR vendors to standardize, automate and speed up their incident response.
Fuel your dreams
The Microsoft Impact Awards 2020 Yearbook, the first of its kind, showcases 17 Impact awards, the winners, and their amazing stories. Discover how the most innovative companies in Microsoft’s ecosystem stood and delivered during a year of unprecedented challenges. From new applications of artificial intelligence to assisting Canadians with food insecurity, the stories in this yearbook will inspire you.
Get the action pack
One affordable annual subscription opens the door to opportunity. MAP includes:
- Five technical advisory hours of personalized guidance from Microsoft technical consultants to assist with onboarding, presales, or deep technical scenarios.
- Product licenses that provide access to Microsoft products and technology.
- Up to 10 product support incidents.
- Branding to show you are a Microsoft partner.
- For developers looking to secure applications, here are the links to the Identity Developer site, which includes training & documentation on how to secure application development with Identity: Microsoft identity platform dev center & Developer Training content: Implement Microsoft identity – Associate – Learn | Microsoft Docs
- Azure Security products & developing recommendations in the Developer Guide: https://go.microsoft.com/fwlink/?LinkId=2152267&clcid=0x409
- Learn more about Microsoft Security, inclusive of Azure Sentinel: Administering Microsoft 365 Security (MS-500) ( Please note: This provides a level 200 overview of Azure Sentinel & M365 Security solutions designed for Partners)
- Learn more about incorporating Azure Sentinel into your Security practices & offers for customers: Azure Sentinel: The complete level 400 training