With a touch of a button on the wall outside Microsoft Corp. ’s Cyber Defense Operations Center, opaque windows turn clear, offering visitors a glimpse of the high-tech bunker where the software giant’s security engineers work to thwart hackers.
The new facility is at the heart of Microsoft’s campaign to rebuild its reputation for security at a time when the number of potential targets for cyberattacks—from smartphones to corporate servers and Web services—has exploded.
The center isn’t just a workspace it’s also a showcase. When the glass turns clear, clients can look on as engineers battle hackers from behind dual-screen workstations. Pillars around the room are hung with giant monitors listing the latest threats. The far wall bears the directives “protect,” “detect,” and “respond” in huge block letters.
Microsoft has long been viewed as doing too little to protect its customers from cyberattacks. The company has said, however, that its customers need to feel safe running Windows, storing data in its OneDrive online data-storage facilities, basing operations on its Azure cloud-computing service, and using numerous other Microsoft products.
“Microsoft has been on the fringe of security for some time,” said Duncan Brown, research director at IDC Research Inc. “Now, they are putting it at the center of operations.”
On Tuesday, Microsoft president and chief legal officer Brad Smith is scheduled to give a keynote speech on security in cloud computing at the annual RSA digital-security conference in San Francisco.
The Microsoft facility, which opened in November, brings together roughly 50 security experts from Microsoft’s Office and Windows group, its Xbox and Azure divisions and several other business units. The idea is to unify its disparate security teams, as well as the roughly 3,500 other security employees spread among offices nearby and throughout the world.
Microsoft declined to disclose the center’s cost, but it said it spent $1 billion on security last year, including acquisitions.
Microsoft isn’t alone in building a cybersecurity war room. Tech companies including networking-equipment maker Cisco Systems Inc. and cybersecurity company Symantec Corp. have set up their own operations centers to monitor and foil attackers—and to impress customers.
The seed for the Cyber Defense Operations Center was planted by Microsoft’s earlier Cybercrimes Center, which opened in 2013. There, the company combined various groups to take on problems like child exploitation on the Internet. Microsoft found that combining Web-based investigators with its Windows and Office units yielded quicker results than having those groups work independently.
Early last year, company executives visited tech and telecommunications companies to learn how they shared data among their security teams. Those visits led Microsoft to design an open collaborative space. The company decided to face computer monitors away from the viewing area so visitors couldn’t see any sensitive information.
Still, Microsoft, with its vast reach in personal computers, game consoles, computer servers and Web services, remains under constant attack. It thinks the new center will help it respond more quickly. That’s important because attackers went undetected on victims’ networks for a median of 146 days in 2015, according to an estimate by cybersecurity firm FireEye Inc.
“Minutes matter, and seconds matter,” said Bryan Casper, a security-incident-response manager at the center. “So, looking across the room at someone is better than waiting for an email.”
According to Microsoft, the key to rapid response is an emerging technology known as machine learning. The company has hired a group of so-called white-hat hackers known as the Red Team to attack its networks and software. Machine learning programs watch those incidents, as well as real attacks, to learn what attacks looks like and improve defenses. The system sifts the billions of pieces of data—customers logging in and out, using various software features, uploading and downloading files—looking for patterns that match, possibly indicating an attack.
“We can be much more predictive about security than we’ve been in the past,” said Pete Boden, Microsoft’s general manager of Cloud and Enterprise Security.
No comments:
Post a Comment
Note: only a member of this blog may post a comment.