The cyberthreat landscape is continuing to evolve towards more effective and damaging attacks, which often take place across a broad and extensive scope, according to the Microsoft Digital Defense Report 2023. Telemetry data from Microsoft indicates that human-operated ransomware attacks are up more than 200 per cent since September 2022. And the report also highlights a rise in data extortion and the skyrocketing frequency of business email compromise.
For organisations to protect themselves from spiralling cyberthreats, an intelligent approach to security is required. And that’s where the Microsoft Intelligent Security Association (MISA) comes in. Established in 2018, the association began with 26 partners to build intelligent security solutions to integrate with Microsoft Security products to help protect shared customers against cyberthreats. Almost six years later, MISA is now a vibrant ecosystem of over 300 members, with over 250 software integrations and 670 managed security service offerings.
Microsoft’s portfolio of security products has evolved too – and now comprises Microsoft Defender, Microsoft Entra, Microsoft Intune, Microsoft Priva, Microsoft Purview and Microsoft Sentinel. These products are designed to work together and cover all aspects of security – from stopping cyberattacks to managing identities, safeguarding data, ensuring privacy and strengthening device security.
“Like any hard problem, cybersecurity requires enlisting help from a diverse set of perspectives,” says Maria Thomson, director of MISA. “But today, companies are too often challenged by the lack of integration between products. The deployed solutions operate in silos and the value of listening to different perspectives is offset by inefficiencies and failures in communication channels.
“The security community has an obligation to our customers to make sure our solutions work together. In support of this responsibility, MISA consists of companies looking to integrate and provide better visibility, protection and choice for our joint customers. MISA enables collaboration with leading security technology and service companies, so together we can help customers realise the benefit of using solutions from multiple vendors in harmony. Members are nominated for their ingenuity in creating smart security products that integrate with and services that layer on top of Microsoft Security products.”
MISA membership is by nomination only, according to Thomson.
“We have limited capacity, and we are looking to work with the most strategic security partners at a given time so that together we can ensure our joint customers have peace of mind knowing they have access to leading security technology.”
Microsoft Security solutions are designed to help eliminate inefficient silos and patchwork fixes, closing the gaps with simplified, comprehensive protection. By eliminating redundant capabilities, organisations can avoid the hassles of managing multiple contracts and licenses, saving up to 60 per cent in cost, according to Microsoft. MISA members are joining in this effort to simplify security for its customers by creating product integrations.
For example, end-to-end security provider Difenda works with Microsoft to provide specialised expertise on Sentinel and other security products from the Microsoft 365 E5 licensing model. Difenda worked with the City of Brampton in Ontario, Canada, to deploy Sentinel as the central solution for its overall infrastructure in conjunction with its own solution, Difenda Shield. As a result, the municipality was able to reduce its cyberthreat alerts by 70 per cent with the joint deployment.
Meanwhile, MISA member Ontinue is helping organisations to maximise their Microsoft Security investments. For example, it helped supply chain company AmerCareRoyal improve its security posture and capitalise on the Microsoft tools that it already had access to. It also deployed its managed extended detection and response platform Ontinue ION to increase protection.
The MISA ecosystem is constantly evolving to reflect the changes in the security landscape and how Microsoft and its partners respond to them.
“We want to make sure we’re continually engaged with MISA members so that they can utilise everything available to them,” says Thomson. “Sometimes our strategy or messaging changes so we must ensure that members are kept updated and that our partnerships are still strategically aligned. We hold monthly office hours with members to provide an overview of what’s happening at Microsoft, and we provide technical road map sessions for them twice a year under non-disclosure agreements so that they can create their own solutions to match the evolving security landscape.”
Microsoft also introduces partners within MISA to one another, encouraging collaboration. For example, cloud security solution provider CWSI and Cognni, an artificial intelligence platform provider that provides data classification to enhance the power of Purview Information Protection, are working together with Microsoft to combat information security connected to compliance.
“It is well acknowledged within the cyber community that there is no one solution that can do it all,” said Clifford Corney, vice president of strategic business development at Cognni. “Security is a team game and MISA has provided Cognni with the opportunity to engage with like-minded people and organisations to learn from each other. We work together to provide a better customer experience for organisations that are dealing with cyberthreats.”
IBM’s Cost of Data Breach Report 2023 found that the average cost of a data breach reached an all-time high in 2023 of $4.5 million. Some of these threats are attributed to the transition to hybrid work. People are working on corporate networks and home networks, and moving fluidly between business and personal activity online thanks to technologies intertwined with both aspects of our daily routines, according to Microsoft. With employee’s home networks and devices now a part of corporate networks, organisations are working without firm borders and are more vulnerable to threats.
“Security and safety are the defining challenges of our times and protecting organisations from cybercrime has only become more challenging,” says Thomson. “A paradigm shift is required in the security industry’s approach to this. At Microsoft, this imperative guides our mission in security every day and it has shaped our research and development effort to empower security teams.”
Key to this effort is harnessing the power of generative AI, which, together with Microsoft’s end-to-end security solutions, empowers security teams to deliver security for all. Generative AI is transformative for security and can be used to combat bad actors. Microsoft Security Copilot can effectively upskill a security team regardless of its expertise, saving them time by enabling them to find what previously they might have missed, and allowing them to focus on the most impactful projects.
“Several partners are working with us to help shape Security Copilot product development by participating in our engineer-led Microsoft Security Copilot Design Advisory Council and Partner Private Preview,” says Thomson. “They are validating usage scenarios and providing feedback on functionality, operations, and application programming interfaces to assist with extensibility.”
Looking ahead, effective cooperation will be essential for the mitigation of security threats. “It’s imperative that we continue to build with our strategic security partners to continue collaborating together to protect our end customers,” says Thomson.
Partner perspectives
We asked a selection of MISA members how their work with the association allows them to better protect customers from security risks.
“CIS joined MISA in 2023 and helps users build and operate secure virtual machine images. As a CIS partner, Microsoft integrates CIS Benchmarks into its tools, such as Microsoft Defender for Cloud. This helps customers to assess their system configurations,” said Mia LaVada, product manager at the Centre for Internet Security.
“Through MISA, we develop better insights and improve our understanding of how we can jointly partner with Microsoft to better protect organisations with rapid cybersecurity innovation. Our integration of Fortra’s Digital Guardian Data Loss Prevention with Microsoft Information Protection is one example showing how MISA has enabled two leading solutions to work together for the benefit of our customers,” said John Grancarich, chief strategy officer at Fortra.
“Being a part of MISA enables us to leverage Microsoft’s security tools and services, helping us to stay at the forefront of identity security. This gives us the ability to react to actionable intelligence in real time and use this to help organisations ensure they can trust their users’ identities from day zero and onwards,” said Sean Dyon, vice president of strategic alliances and architecture at HYPR.
“NCC Group’s partnership with MISA enables us access to Microsoft cloud-based security technologies and expertise. This helps NCC Group to develop robust solutions that are tightly integrated with Microsoft’s security offerings; together we provide comprehensive protection against the latest cyberthreats,” said Kevin Brown, chief operating officer at NCC Group.
“Ontinue ION is founded on the robust framework of Microsoft’s security and collaboration product portfolio, empowering our customers to unlock enhanced functionality and amplify value, thereby maximising their return on investment,” said Ogi Stanovic, general manager of strategic alliances at Ontinue.
“Security is truly a team sport. Microsoft is a strategic partner to us, and we have a comprehensive offer around its security solutions, therefore our membership in MISA is not only important, but also mutually beneficial,” said Anna Barkvall, director of strategic programs at Orange Cyberdefense.
“As a founding member of MISA, Secude extends Microsoft Purview Information Protection (MPIP) to independent software vendors responsible for protecting an organisation’s ‘crown jewels’, such as computer-aided design (CAD) and product lifecycle management (PLM) systems, as well as SAP,” said Mario Galatovic, CEO of Secude.
Read more from these partners and others including CWSI, Duo Security, Sophos and Thales in the Winter 2023 issue of Technology Record. To get future issues delivered directly to your inbox, sign up for a free subscription.