Microsoft Cures Breach Blindness for Enterprises
A new offering, called Windows Defender Advanced Threat Protection, alerts administrators if attackers gain a foothold on a network.Suffered a network breach? Microsoft's latest cloud-based data security service can help administrators prevent their Windows devices from giving up the goods. Using as a backdrop this week's RSA Conference—when the IT industry turns its attention to information security—the software giant on March 1 announced Windows Defender Advanced Threat Protection. Borrowing the name of Windows' built-in anti-malware software, the upcoming product helps make Windows 10 systems less susceptible to data leaks, even if an attacker has already managed to breach a corporate network. "To help protect our enterprise customers, we are developing Windows Defender Advanced Threat Protection, a new service that will help enterprises to detect, investigate and respond to advanced attacks on their networks," Terry Myerson, executive vice president of Microsoft's Windows and Devices group, said in a March 1 announcement. "Building on the existing security defenses Windows 10 offers today, Windows Defender Advanced Threat Protection provides a new post-breach layer of protection to the Windows 10 security stack." While businesses experienced fewer breaches in 2015 than the year before, they remain a major concern. Last year, organizations reported a total of 1,673 breaches, 46 of which involved a million records or more. On average, the total cost for a data breach rings up at $3.8 million, according to Ponemon Institute's 2015 Cost of Data Breach Study. Generally, it takes just over 200 days to detect a breach.
Windows Defender Advanced Threat Protection is Microsoft's bid to keep its customers, or at least their Windows systems, from becoming one of those statistics. "With a combination of client technology built into Windows 10 and a robust cloud service, it will help detect threats that have made it past other defenses, provide enterprises with information to investigate the breach across endpoints, and offer response recommendations," Myerson continued.