While elevated privilege attacks remain a critical security concern when using Microsoft products, the raw number of vulnerabilities is dropping.
cyber security - News, Features, and Slideshows
- Microsoft security vulnerabilities drop after five-year rise
- New emergency warning over two new VMware vulnerabilities
The CISA has issued emergency security directive over VMware vulnerabilities CVE-2022-22972 and CVE-2022-22973, which threat actors are likely to exploit.
CISOs are also less concerned about ransomware attacks, but many says their organisations are still not properly prepared for them.
Most companies understand they need to transition from perimeter-based security to a zero-trust model but they can’t purchase this as an off-the-shelf product.
Microsoft Defender for Business alerts can show what's happening in the network. The better users understand their network, the faster they can triage alerts.