Cloudy with a Chance of InsightsReaching for the Cloud NewsletterSubscribe to NewsletterSubscribe via RSS
The Microsoft Cloud Blog

Expert insights on Microsoft Azure, Cloud Architecture, and Enterprise Technology

Cybersecurity

14 articles

Not All Assets Are Equal: How Microsoft Defender Is Rethinking Protection for High-Value Systems

Not All Assets Are Equal: How Microsoft Defender Is Rethinking Protection for High-Value Systems

Microsoft Defender's high-value asset protection framework applies differentiated detection and prevention logic based on a system's role in the environment — meaning a domain controller gets stronger protection than a general workstation even when the same activity is observed on both. Here is how it works, and what you need to do to make it effective in your environment.

Cybersecurity
Read article
Building Security for Agentic AI: A Strategic Perspective on End-to-End Trust

Building Security for Agentic AI: A Strategic Perspective on End-to-End Trust

Agentic AI is no longer a futuristic concept—it’s rapidly becoming boardroom reality for CISOs and tech leaders alike. 🤖 At RSAC’s milestone 35th year, Microsoft spotlighted an eye-opening stat: 80% of Fortune 500 companies now deploy intelligent agents. The scale is impressive, but so are the security challenges that come with defending automated systems that act on their own.

AICybersecurity
Read article
Trust Undermined: How Fake Developer Interviews Are Becoming a Stealthy Malware Delivery Channel

Trust Undermined: How Fake Developer Interviews Are Becoming a Stealthy Malware Delivery Channel

Contagious Interview: Malware delivered through fake developer job interviews The intersection of recruitment and cybersecurity has rarely been as fraught as it is today. Recent research from Microsoft Defender Experts exposes a campaign that weaponises the very workflows meant to identify and onboard technical talent. The so-called “Contagious Interview” operation, active since at least December… Continue Reading →

cybersecuritySecurity
Read article
Navigating Copilot Studio Agent Security: Recognising and Remediating Invisible Risks

Navigating Copilot Studio Agent Security: Recognising and Remediating Invisible Risks

The rise of AI automation in operational environments has been transformative, yet it introduces a new set of exposures that traditional controls rarely surface. As Copilot Studio agents become embedded within core business workflows—automating tasks, accessing sensitive data, and interacting with critical systems—the line between operational efficiency and security vulnerability grows thin. In my experience,… Continue Reading →

aicybersecurity
Read article
Reimagining Software Security: Microsoft’s SDL Approach for the Age of AI

Reimagining Software Security: Microsoft’s SDL Approach for the Age of AI

Read the source article: Microsoft SDL: Evolving security practices for an AI-powered world The rapid integration of artificial intelligence into enterprise operations is fundamentally altering how we think about software security. Having spent years guiding organisations through digital transformation, I recognise that conventional approaches to secure development are struggling to keep pace with the complexity… Continue Reading →

cybersecuritySDL / SDLCSecurity
Read article
Proactive Cyber Defence in Government: Microsoft’s Evolving Approach to Trust and Security

Proactive Cyber Defence in Government: Microsoft’s Evolving Approach to Trust and Security

When Satya Nadella discusses the importance of trust in technology, especially within the realm of governmental data protection, I see a direct alignment with the strategic trajectory outlined in Microsoft’s latest Deputy CISO blog. Tim Langan, Microsoft’s Deputy Chief Information Security Officer for Government and Trust, provides a compelling perspective on the complexity and urgency… Continue Reading →

cybersecurityMicrosoft 365Security
Read article
Navigating the Evolving Threat Landscape: Phishing, Spoofing, and the Critical Role of Identity Infrastructure

Navigating the Evolving Threat Landscape: Phishing, Spoofing, and the Critical Role of Identity Infrastructure

The continual evolution of phishing tactics reflects a broader shift in cyber threat sophistication, with attackers now exploiting the very infrastructure that underpins digital trust. In recent research published by Microsoft Threat Intelligence, I see clear evidence that malicious actors are leveraging complex email routing and subtle domain misconfigurations to craft convincing spoofed emails. These… Continue Reading →

cybersecuritySecurity
Read article
The Rise of Digital Impersonation: Strategic Lessons from Microsoft’s Incident Response

The Rise of Digital Impersonation: Strategic Lessons from Microsoft’s Incident Response

Unpacking the Threat of Synthetic Identities The evolving landscape of cyber threats continues to challenge technology leaders in fundamental ways. Microsoft’s recent incident response analysis, detailed in their blog post, brings attention to a sophisticated and troubling vector: attackers using fake identities to gain privileged access within enterprise environments. This tactic, while not new in… Continue Reading →

cybersecurityMicrosoft Azure
Read article
Page 1 of 2Next →