So, your business is becoming more Cloud-based... why isn't your security?
Microsoft may have asked themselves this question when they bought RiskIQ.
RiskIQ, is a cyber security start-up based in San Francisco that provides organisations with cloud-based security software and threat intelligence.
We think Microsoft's acquisition of them is a pretty smart move. You could even say they have exhibited a high 'RiskIQ'. Why?
Because as cyber-attacks rise, hybrid working becomes normalised and more of us work and store data in the cloud, companies, including Microsoft are facing an onslaught of serious security risks.
RiskIQ maps out details about domain name records, certificates, websites, networks and more by scouring the internet. The company has a whole host of useful services which help companies limit their vulnerabilities to cyber attacks through locking down their assets.
One of its most important services is its cloud security software which provides protection for companies working and storing their data there. They also provide WHOIS registration data, which gives clients visibility into what services, devices and assets can be accessed outside a company’s firewall.
Data like this helped RiskIQ unearth and understand the Magecart hackers, a credit card skimming group known for injecting malware into vulnerable devices. This group has previously attacked British Airways and Ticketmaster.
Microsoft argues by embedding RiskIQ into their main products, they will be able to help business owners build a more comprehensive view of global cyber security threats. Something which is especially important as more and more companies shift to Cloud-based, remote and hybrid working systems.
Vice President Eric Doerr of Microsoft commented that RiskIQ will “help enterprises identify and remediate vulnerable assets before an attacker can capitalise on them.” This risk prevention is a growing priority for many companies after events like the attack on SolarWinds in 2020 which affected at least 18,000 of its customers.
Microsoft is one such company. Their acquisition of RiskIQ is another instalment in what appears to be a long-term preventative cyber security strategy.
In 2020, they bought the Israeli security start-up CyberX 2020 out of a desire to boost their Azure IoT business. And only last month they acquired security firm ReFirm Labs which specialise in creating new methods to vet and validate firmware. Microsoft will, according to Bloomberg, pay more than $500 million for RiskIQ, showing their dedication to this long-term strategy.
Microsoft going to such lengths to invest in their cyber security truly speaks to the level of risk businesses face on the security front. Microsoft is one of the most technologically sophisticated companies in the world, with premium levels of protection from cyber criminals, yet even they haven't managed to stay data breach free.
A fact that should worry the leaders of SMEs. Sure, you may not face the same heightened risks as Microsoft, but that doesn’t mean your business will not be targeted.
In the last twelve months here in the UK 39% of all businesses reported having cyber security breaches, with this number rising to 65% with medium to large organisations.
Meaning, while you may not be Microsoft, it might be good to follow their lead. When we say this, we don’t mean go out and acquire your local cyber security company, but instead invest in a long-term preventative cyber security strategy.
This means getting the right advice for your businesses situation and budget which allows you to make the most of the tools available in today's changing security landscape.
Key to this is accounting for the fact your business is becoming more cloud-based.
With the right cyber security reporting, you’re not only investing to significantly reduce cyber security risks, but in future projections and assessments that will help you safeguard your business' long-term potential and growth.