Cyber attackers are adapting in an agile manner, and the threat of ransomware and extortion is becoming more prevalent with attacks targeting governments, businesses, and critical infrastructure.

“Cybercrime economy is industrializing at a very fast pace,” said Richard Koh, Chief Technology and Customer Success Officer of Microsoft Singapore in the recent Microsoft APAC Partner Boardroom Series for Partners: Chief Information Security Officers. Attackers are adapting in an agile manner, and the threat of ransomware and extortion is becoming more prevalent with attacks targeting governments, businesses, and critical infrastructure.

“It is important for organizations to look at more resilient deployment models to protect themselves,” Koh said.

Weak identify controls, ineffective security operations and limited data protection contributing to weak protection against ransomware

It is thus no surprise that businesses are looking into security as a priority.

The scale and speed of exploitation means that businesses will need to react with agility. Ransomware attacks and extortion continue to rise, with one-third of targets compromised and 5% falling victim to a successful ransomware event.

The Microsoft Digital Defense Report 2022 also highlighted three areas of concerns:

1. Cyber actors are targeting critical infrastructure and industry sectors that have a material impact on people and businesses. The study found an increase in nation state attacks targeting critical infrastructure between July 2021 and June 2022.

In the region, manufacturing, consumer retail, education and governments have seen ransomware incidents.

2. Attackers are leveraging vulnerabilities in devices and endpoints, especially with the increased use of smart devices and IoT devices.

3. Cyber influencer operations are increasingly sophisticated, where tactics such as “cognitive hacking” enabled by tools to artificially create highly realistic images and videos are being deployed to influence how people think about issues, or to sow discord.

With the shift to hybrid work and credential phishing schemes on the rise, customers face a new set of challenges around identity, shared Othniel Liew, General Manager for Alfa Connections (Singapore, Thailand, Vietnam and Myanmar). As such, the FastTrack Partner is increasingly finding themselves having to help customers defend and protect identify, data and endpoints while empowering them to shift to hybrid work.

A prominent shift observed by Liew is that customers are no longer just concerned about data protection but also data availability – securely – across the organization in a hybrid environment.

Cybersecurity is a team sport

As organizations tackle imminent cyberthreats, especially pertaining to devices and endpoint protection; or defending against potential attacks on critical infrastructure, it is important to note that effecting a cybersecurity strategy cannot be done in silo.

“The assumption that one can do it all by themselves is a fallacy. As a community, we need to come together to collaborate…it is not something Microsoft can do alone, or the government can do alone,” Koh shared. “Customers will appreciate a more comprehensive view and capabilities we bring to the table collectively.”

Microsoft, for example, is working closely with local, regional and global associations such as the Cybersecurity Tech Accord, Cyber Security Agency of Singapore, among others for best practice sharing, and to offer inputs to fellow industry partners on how to develop and evolve their products and services to address potential cybersecurity threats.

Koh feels that partners can make a difference in helping organizations, especially Chief Information Security Officers (CISOs), to modernize their security approaches. “Partners can help customers reimagine scenarios. Offering a best of suite approach is a response to addressing where potential threats are coming from, and an opportunity for partners to think about what they can best offer to their customers.”

For Fahad Shaikh, Founder and CEO of Kloudynet Technologies, offering accessible and valuable insights to CISOs and the security team in a single “console” with tools like the Microsoft Defender Experts for eXtended Detection and Response (XDR) is important. Many organizations today rely on different technology stacks, and this can be a challenge when there is a need to identify potential threat vectors or protect different workloads.

“In a cyberattack, you not only need to act fast, you need to be faster,” said Shaikh, who also shared that it is challenging for security analysts to be looking at different tools and dashboards to isolate any incidents.

Ultimately, it is important for partners to realise that the security conversation needs to be holistic. Shaikh emphasized the importance of follow-through – starting from workshops, to consulting to implementation along the customers’ entire journey. He also believes that the implementation team needs understand the customers’ business and priorities. “This helps build trust.”

Having a growth mindset to stay ahead

The evolution of the digital economy means that businesses will need to be open to continuous learning.

“I really encourage customers and partners focus on – growth mindset, on-ground learning in the space. I know it sounds funny to learn how criminals work, but it’s about appreciating the evolving landscape, techniques, tactics, and not having pre-conceived notions on how attackers will act,” shared Koh.

Koh also believes that there is a human dimension to building cyber resiliency, and this comes with training, workshopping, among other curated programmes for customers and partners.

For partners, investments in training and certification can help open new doors. For example, Alfa Connection found themselves being increasingly involved in security related conversations while they were initially focused on Modern Workspace offerings and decided to grow their security practice.

For Liew, the journey for Alfa Connection to be a Microsoft certified partner has helped them become a trusted consultant to their customers. While customers may work with different partners for different requirements, Liew acknowledges that having the breadth of knowledge has helped them better address their customers’ challenges.

With a focus on their security practice, Kloudynet Technologies leverages the rich portfolio of Microsoft resources and investments to learn. But more importantly, Shaikj emphasized the importance to prioritize time for their teams to learn and amass the breadth of knowledge critical to helping customers achieve tangible business outcomes – and eventually be a trusted partner to customers.

Shaikh shared that the transposition of their learning from Microsoft programs to their clients has been beneficial. The company conducts interactive workshops that help CISOs understand the movement of attackers, and actively identifying potential threats.

“Having the right skills can allow you to have fruitful conversations with CISOs,” added Shaikh.

Top tips from panellists on engaging CISOs

1. Offer a best of suite approach to CISOs.

2. Follow through is important.

3. Invest in training to help consultants amass breadth of knowledge to better engage CISOs and teams.

Learn more from the Microsoft APAC Partner Boardroom Series for Partners: CISOs here.

If you missed the Microsoft APAC Partner Boardroom Series for Partners: CISOs session, you still have the opportunity to learn from it on-demand here. Also available are the CFOs and CHROs sessions.

Who should attend? Anyone – sales, technical and marketing – who wants to understand CHRO, CFO and CISO priorities and challenges and boardroom conversations on employee experience, modern finance and security, and learn how to engage/have connected discussions with these new breeds of technology buyers/decision makers.