WE NEED TO DO MORE.
Current defenses are
no longer sufficient
You can’t find the
signal in the noise
In other areas, you
don’t know enough
Source: www.breachlevelindex.com (published by Gemalto)
NOTE: zero record incidents typically reflect ransomware attack
where money was paid and records returned/decrypted
So what’s the real world cost of not dealing with security ?
Average of 4M per breach
$172 per record
in public sector
Costs ?
Forensics (up to $2k/hr)
Notification (except AL, SD)
Credit monitoring
Helpdesk outsourcing
The costs do NOT include
remediation and are potentially
ASYMMETRICAL to org size
Sources: Ponemon Institute and NY
Times
Sources: McKinsey, Ponemon Institute, Verizon, Microsoft
“CYBER SECURITY IS A CEO ISSUE.”- M C K I N S E Y
CYBER THREATS ARE A MATERIAL RISK TO YOUR BUSINESS
is the average cost of a data breach per incident.
of breaches involve weak or stolen passwords.
$4.0M 81%
new malware samples are created and spread
every day.
>300K
of senior managers have admitted to accidentally leaking business data.
87%
John Doe
lllllll
High Security
Low Security
ConvenientInconvenient
2FA verification code: 020987
MESSAGES
John Doe
lllllll
?
SECURED BY HARDWARE
USER CREDENTIAL
An asymmetrical key pair
Provisioned via PKI or created locally via Windows 10
WINDOWS HELLO FOR BUSINESS
Device-Based Multi-Factor
UTILIZE FAMILIAR DEVICES
→ Improved security
→ Fingerprint and facial recognition
→ Ease of use
→ Impossible to forget
BIOMETRIC MODALITIES
USB Webcams
• Logitech “BRIO” – 4K/HDR
• Razer “Stargazer” – Intel SR300
• Creative Labs “BlasterX Senz3D” – Intel SR300
• Others by – Mouse Computer Japan (MCJ) Japan-only
Monitors with face modules
• Lenovo
• HP
BIOMETRIC MODALITIES: FACIAL PERIPHERALS
BIOMETRIC MODALITIES: FINGERPRINT PERIPHERALS
USB Dongle
• BIO-key – several SKU choices, can do Enterprise add-ons
• Kensington
• Japan-only SKUs from: DDS Inc, Ratoc Systems & MCJ
• Taiwan-only SKUs from: AuthenTrend
Other devices we expect to see fingerprint readers
• Keyboards (productivity and gaming)
• Mice
• Headphones (USB connected)
NO MORE HELPDESK CALLSRESET YOUR P IN R IGHT FROM THE LOCK SCREEN
Phone sign-in using Microsoft Authenticator
Passwordless authentication
Public / Private key exchange
Contoso IT
© 2017 Microsoft Terms of Use Privacy & Cookies
Cancel
Need Help?
Making sure it’s you
Follow the instructions on the Microsoft
Authenticator app and enter the number you see
below.
4026
Phone sign-in using Microsoft Authenticator
Passwordless authentication
Public / Private key exchange
Add FIDO 2.0 support
Great solution for Windows 7,
MacOS, and Linux
Coming in Summer 2018
Works with the same devices people use every
day
Based on public key cryptography
Biometrics and keys never leave the device
Protects against phishing, man-in-the-middle and
replay attacks
Standards-based,
interoperable authentication
2.0
…and hundreds of industry partners
Unique insights, informed by trillions of
signals. This signal is leveraged across
all of Microsoft’s security services
POWERED BY THE
INTELLIGENT SECURITY
GRAPH
450B monthly
authentications
18+BBing web pages
scanned750M+Azure useraccounts
Enterprisesecurity for
90%of Fortune 500
Malware datafrom Windows
Defender
Shared threatdata from partners,researchers and law
Enforcementworldwide
Botnet data fromMicrosoft Digital
Crimes Unit
1.2Bdevices scanned
each month
400Bemails analyzed
200+global cloud
consumer andCommercial services
Thank you