Microsoft Global Security - Experts & Thought Leaders
Latest Microsoft Global Security news & announcements
Cyware, a pioneer in AI-powered threat intelligence management, secure threat sharing and collaboration, hyper-orchestration and response, announced it has become a member of the Microsoft Intelligent Security Association (MISA), an ecosystem of software development companies and security services partners that have integrated their solutions with Microsoft Security technology to better defend their mutual customers against a world of increasing cyber threats.
Intelligent action
Cyware Intel Exchange, now integrated with Microsoft Sentinel and Microsoft Defender, accelerates operationalising threat intelligence into intelligent action. Cyware Intel Exchange is a fully automated threat intelligence platform that helps security teams automate the entire threat intelligence lifecycle, contextualise threat analysis, take proactive action, and share threat intelligence bi-directionally.
Integral in threat intel
“Cyware has been integral in threat intel and security operations teams’ journeys to unified threat intelligence management,” said Anuj Goel, CEO and Co-Founder, Cyware. “Joining the Microsoft Intelligent Security Association enables Cyware to provide extended threat intelligence capabilities for Microsoft Sentinel and Microsoft Defender customers, for example through advanced threat intel sharing.”
Trusted security vendors
“The Microsoft Intelligent Security Association has grown into a vibrant ecosystem comprised of the most reliable and trusted security vendors across the globe,” said Maria Thomson, Director, Microsoft Intelligent Security Association.
“Our members, like Cyware, share Microsoft’s commitment to collaboration within the cybersecurity community to improve our customers’ ability to predict, detect, and respond to security threats faster.” Established in 2018 to bring together Microsoft pioneers & security vendors, MISA focuses on collaborating to combat security threats and create a safer environment for all. Its mission is to provide intelligent, industry-leading security solutions that work together to help protect organisations at the speed and scale of AI in an ever-increasing threat landscape.
Quorum Cyber, a proactive, threat-led cybersecurity company, has been awarded the Identity and Access Management Specialization from Microsoft. As a Microsoft Solutions Partner for Security, the company now holds all four available Microsoft Security specializations: Threat Protection, Cloud Security, Information Protection and Governance, and Identity and Access Management.
Exclusive security specialisation
This achievement places Quorum Cyber in an exclusive group of Microsoft partners who hold all four security specializations – less than half a percent of partners globally have achieved this distinction. This new specialization allows the company to showcase its proven, verifiable expertise in deploying Microsoft Identity workloads. It helps customers identify partners with the technical capabilities and proven experience deploying Microsoft Identity workloads using Microsoft Entra ID, a cloud-based identity and access management service.
Certified cybersecurity
Quorum Cyber’s expertise was verified through customer references and Microsoft exams to ensure it can deploy and manage workloads, including managing and securing identities, implementing identity governance, and deploying conditional access policies using Microsoft technologies such as Microsoft Entra ID.
Microsoft security partners
With a close and longstanding relationship with Microsoft, Quorum Cyber was founded as a Microsoft-only security services provider and member of the Microsoft Intelligent Security Association (MISA). In 2024, it was a Microsoft Partner of the Year finalist for demonstrating excellence in innovation and implementation of customer solutions based on Microsoft technology.
At the Microsoft Security Excellence Awards in 2024, it was named a Security MSSP of the Year finalist and Security Customer Champion finalist. Difenda, which Quorum Cyber acquired in 2024, was also shortlisted for Security MSSP of the Year.
Strengthening identity security
Quorum Cyber has a strong vision for identity security. It remains committed to investing in recruiting and training skilled team members, as well as obtaining industry-recognized certifications, to protect its customers in an inhospitable and unpredictable digital landscape.
Advancing security excellence
"Gaining the Identity and Access Management specialization from Microsoft underscores our steadfast commitment to securing our customers' identities and data," said Federico Charosky, Chief Executive Officer of Quorum Cyber. "This recognition showcases our proficiency in identity security and reaffirms our dedication to upholding the highest standards. We are extremely proud to have obtained all four Microsoft Security specialisations and look forward to helping our customers benefit from the additional opportunities this achievement brings."
Global cybersecurity pioneer AlgoSec has released its annual ‘The State of Network Security Report’ providing a broad view of network security in hybrid cloud environments, identifying the most popular strategies adopted by security professionals. The report sheds light on key market trends and highlights the solutions and technologies that are in demand and why, helping organisations to navigate the complexities of modern network security. Based on two comparative surveys conducted in H2 of 2022 and 2023, AlgoSec’s research evaluated market leaders including AWS, Microsoft Azure, Check Point, Palo Alto Networks, Cisco and more, identifying significant shifts in cloud platform adoption, deployment of firewalls and Software-Defined Wide Area Network (SD-WAN), as well as Secure Access Service Edge (SASE) implementation.
Key findings
Key findings from the report include:
Security, continuity, and compliance driving cloud platform selection – When selecting a cloud platform, organisations prioritise seamless integration, compliance, and robust security features. While the overall adoption of cloud platforms has grown, the ranking of different vendors has remained relatively stable. Azure continues to be the most widely used platform, closely followed by AWS, which has shown the fastest pace of growth.
The growing adoption of SD-WAN – The move towards remote working and cloud computing has been the catalyst for the increased deployment of SD-WAN, ensuring secure and reliable connections across multiple locations. That is reflected in the report, with a steep decline in the number of organisations that had no SD-WAN solution from 55.2% in 2022 to 34% in 2023.
The rise in SASE adoption – With network infrastructures becoming more complex, SASE has become a popular solution for organisations, consolidating multiple security functions into a single, unified, cloud service. The report found the rate of SASE adoption has increased year-on-year, with notable growth of Zscaler implementation from 21.9% in 2022 to 37% in 2023, and Prisma Access implementation from 16.2% in 2022 to 22.8% in 2023.
The increasing importance of firewalls in cloud estates – With more businesses looking to secure corporate resources across complex cloud networks, firewall implementation has increased as a result, providing organisations with the means to safeguard against external threats. The rate of adoption has risen significantly, with only 7.1% of respondents saying they had no firewalls deployed in 2023 - a sharp drop from the 28.4% recorded in 2022.
The persistence of hybrid networks – Despite the general shift towards cloud adoption, on-premise data centres and device rollouts remain a significant feature of the network landscape.
Cloud-based network security solutions
“According to our research there has been greater adoption of cloud-based network security solutions across the board,” said Eran Shiff, VP Product of AlgoSec. “However, there is still progress to be made in the SD-WAN and SASE space. By identifying the key trends and the most popular solutions on the market, we can provide some much-needed clarity into the complex world of network security.”
Insights & Opinions from thought leaders at Microsoft Global Security
Open architecture in physical access control is built around Mercury Security’s access control panels, the de facto standard embraced by more than two dozen access control original equipment manufacturers (OEMs). Mercury and several of its OEMs teamed up March 3-4 to present MercTech4, a conference in Miami aimed at updating security consultants about the latest developments related to the Mercury platform. MercTech4 highlighted a new generation of access control products, which are increasing the capabilities for Mercury OEMs in areas such as two-way communication and encryption. Enhancements include use of the OSDP (Open Supervised Device Protocol) v2 communication standard instead of the older (and less flexible, less secure) Wiegand standard. Other advantages are relay count activations, a crypto memory chip and default encryption, a critical feature ensuring greater cybersecurity.
Integration of hardware with physical security
Mercury hardware is sold exclusively through OEM partnerships. The new LP4502 controller and access control platform use the Linux operating system. Mercury also provides hardware integration at the controller level with elevator manufacturers such as Otis, Kone and Thyssenkrupp, including “destination dispatch,” which groups passengers going to the same floors into the same elevators, thus reducing waiting and travel times. Integration of Mercury controllers with LifeSafety Power’s IP-based intelligent power supplies enables system health and diagnostic data to be shared for preventive maintenance. Mercury also offers several “bridge” products to enable its OEMs to transition installed proprietary systems from outdated Casi-Rusco (GE), Software House I (Tyco) and Infographics (GE) technologies to an open platform using Mercury hardware.
Business as usual
Other recent news for Mercury is the company’s acquisition by HID Global last fall. Mercury Security President Matt Barnette says the acquisition will not impact how Mercury goes to market. “It’s business as usual,” he says. “It’s 130 days into the acquisition, so it’s still early on, but we are continuing to do what we do.” Steve Carney, HID Global’s vice president of product marketing for physical access control, provided an update from the HID Global perspective to MercTech4 attendees. He reiterated that there would be no change in Mercury’s OEM go-to-market strategy. He emphasised that Mercury’s team and talent remain core to the brand, and HID will develop a roadmap for improved combined solutions among the controller, reader, credential and cloud. Open architecture companies throughout the access control industry – Mercury’s OEM partners – are incorporating the new boards into their products, each putting their “spin” on those capabilities and expanding the functionality of their systems. At MercTech4, seven of those OEMs hosted small groups of consultants in focused meetings to highlight what’s new with their products.
Lenel honoured as 'Platinum Premier' partner
Lenel, Rochester, N.Y., has been a Mercury OEM partner since 1995. Lenel is Mercury’s first-ever "Platinum Premier" partner. In recent years, Lenel’s OnGuard system has evolved into a fully browser-based system providing both alarm and cardholder management through web browsers, and access to the platform on a computer, laptop or tablet. OnGuard WATCH (Web Access Trending and Comprehensive Health) provides system monitoring tools and health checks, such as tracking CPU usage and logging error files.
Lenel has introduced its own BlueDiamond mobile credentialing system based on Bluetooth Low Energy and deploying mature technology previously used by sister UTC companies for real estate locks and in the hospitality market.
Feenics, an Ottawa, Ontario, cloud-based access control company, was also among the Mercury OEMs participating in MercTech4. The Keep by Feenics platform is scalable from a single door to a global enterprise environment. A RESTful API provides easy connection of third-party applications. Feenics emphasises cybersecurity in the cloud, using Amazon Web Services, Transport Layer Security (TLS) encryption, and Veracode penetration testing. They use MongoDB open source database replica sets instead of Microsoft SQL.
Integration and encryption
RS2 Technologies, Munster, Indiana, is another Mercury OEM highlighted at MercTech4. Their top vertical markets are K-12 schools, utilities, healthcare and government. RS2’s features include a PSIA-compliant interface, compatibility with BACnet and the Pinwheel DME (Data Management Engine) for bi-directional database integration. RS2 offers web-based support, and each edition of the Access It! software implements features suggested by customers. Product enhancement is a focus of RS2’s engineering.
Open Options, Addison, Texas, is a Mercury Platinum Elite partner whose customer base spans every vertical, and whose feature set reflects customer feedback. Open Options offers Mercury hardware mounted inside a sleek plastic enclosure, among other form factors. The company emphasises an open business culture and dedication to customer service.
Customer support is a direct phone line to speak with a live person every time to get any issue resolved. Open Options’ DNA Fusion Version 7 platform includes new features such as an updated user experience. DNA Fusion interfaces seamlessly with security technologies — including video, biometrics, wireless locks, and more. Last year, Open Options marked 20 years of partnership with Mercury Security.
Engineering for the masses
Avigilon, Vancouver, B.C., is embracing new Mercury products in its completely browser-based Linux platform that can scale from entry-level to enterprise systems. The ACM (Access Control Manager) software is engineered for IT professionals and is updated every 60 days. For Avigilon, access control is a component of a broader approach that uses analytics and self-learning to manage massive amounts of data and provide the information an operator needs. The system uses features such as the Avigilon “Appearance Search” capability to shift operation of security systems from a reactive to a proactive stance.
Genetec, Montreal, Canada, emphasises the value of its “unified” approach that combines video, access control and automatic license plate recognition into a single platform – designed from the ground up – that incorporates communications, intrusion detection and analytics. Cybersecurity failures prominent in the news often occur because of negligence – the customer had not implemented a software patch, for example. Genetec helps to manage such concerns. When cameras are deployed in the Genetec platform, the system provides an alert if a new camera firmware version is needed. The Genetec Update Service (GUS) notifies customers of any needed software updates.
Prominence of cybersecurity
Honeywell’s Win-Pak access control software is integrated with the Pro-Watch security management suite. Cybersecurity is a corporate priority for Honeywell, whose products follow the SDLC (systems development life cycle) process with security requirements based on the ANSI/ISA 62443-3-3 standard. Microsoft's Threat Modelling tool identifies entry and exit points of systems that an attacker could exploit, providing the development team an attacker's viewpoint. The secure product development process includes static code analysis, secure code review, code signing, binary scanning and component inventory. Products are thoroughly tested by the Product Security Assurance Team and at times by an Advance Independent Testing Team. If vulnerabilities are identified after release, they are handled by the Product Security Incident Response Team.
Cybersecurity issues dominated a consultant roundtable event on the second day of MercTech4. There was plenty of spirited discussion and some valuable insights among the 40 or so participating consultants. More to come on that in another article in the next couple of weeks.
“Mixed reality” may seem like a strange term to apply to the physical security industry, but it describes a new approach to enable the features of access control and video surveillance systems to be used by operators in the field. Mixed or augmented reality technology combines a real-time view of the world through Microsoft’s HoloLens headset, with placement of virtual devices and controls as holograms in a three-dimensional space.
Virtual devices and controls
In effect, a security guard wearing a HoloLens headset can approach a door in his facility and see the real-time status of that door, provided by an access control system, projected as a hologram alongside his live view of the door. It’s the first implementation of a technology with many possibilities. Related to video surveillance, real-time facial recognition could provide the identity of a person walking past a security officer in a hallway, for example. Basically, the approach extends the interfaces and capabilities available in a control room to a security officer on patrol. The officer can place and interact with a variety of virtual devices and controls as holograms in the 3-D space he or she views through the headset.
Augmented Reality for Integrated Electronic Security
The security industry technology has been developed by CodeLynx, a software engineering and systems integration company headquartered in North Charleston, S.C. As a systems integrator, CodeLynx specialises in audio-visual and physical security design and installation for A/V, access control and video surveillance systems. A complementary business is software engineering; Darren Cumbie, Director of the Software Engineering Division, and his team provide custom integrations of various technologies. CodeLynx has developed software to adapt Microsoft’s HoloLens product for use in the physical security field.
They are bringing it to market as ARIES (Augmented Reality for Integrated Electronic Security). The software operates using Microsoft’s HoloLens, introduced in 2016, a powerful, self-contained holographic computer worn as a headset. Specialised components enable holographic computing in lockstep with advanced sensors, including five cameras. Users can move freely throughout an environment and interact with holograms that augment the reality they view through the HoloLens. Cumbie says HoloLens provides the best mixed reality headset currently available: “Nothing else has the power, usability and scalability across an organisation.”
AMAG Symmetry access control integration
In ARIES, CodeLynx has created a certified integration with AMAG’s Symmetry access control system to enable operators to view information from Symmetry as holograms in their field of view through the HoloLens. The integration extends the functioning of Symmetry to operators in the field, thus expanding the control room environment. Holograms can be created and positioned for each user, and they function just like physical devices, tied into Symmetry. Approaching a door, an operator can request a list of the last five people who came through the door, for example; he or she can see a photo ID related to each person who swipes through a turnstile. CodeLynx is looking to expand the market for ARIES using integrations with other OEMs in addition to AMAG. “Instead of being chained to their desk looking at monitors or a display wall, operators can work in the field using the full functionality of their systems as they walk throughout the property,” says Drew Weston, CodeLynx Director of Sales and Marketing. “Meanwhile, I am not sitting at a desk, I am out in public.”
At some point, the headsets will likely get lighter and more ergonomically appealing.
Right now, all the computing power is inside the headset (which, even so, weighs only 1.3 lbs). In the future, more of that computing will likely be “offloaded” to a nearby desktop or laptop computer, or even to the cloud, and wirelessly “tethered” to the headset. In addition to making the headsets lighter and more ergonomically appealing, tethering would bring down costs from the current $5,000 per headset (possibly into the “three digit” range). CodeLynx is poised to leverage any Microsoft enhancements to the HoloLens environment. Currently the software is priced at $1,500 per user.
Benefits for systems integrators
For systems integrators, ARIES could be used to simplify installations, given its ability to view camera frames through the headset hands-free rather than needing to view a separate laptop when focusing or positioning a camera. For maintenance or troubleshooting, an operations center could access the field user’s view and direct him or her to correct a problem. In this way it would be a training tool to help integrators, which is a separate value proposition from how the devices may be deployed by end users. The ARIES approach could also eventually change how we think of a control room. Instead of video screens and walls, operators might sit in comfortable chairs in rooms with white walls, viewing all the control room “screens” through their headsets as holograms. Less power consumption would be among the benefits. ARIES plans to offer a “virtual operations centre” in 2018, enabling command centre operation from anywhere, user-customisable layout views and the ability to push content to specific HoloLens users. This video demonstrates how interaction with holograms can drive security functions: https://www.youtube.com/watch?v=B82oAlxt5_s
Speaking at ATM Security 2015 in London, Pat Telford, principal consultant at Microsoft Canada, summarised the software threats to ATMs and the features to combat them when migrating to Windows 10. ATM security is compromised by physical attacks on the cash, physical attacks on the card, replacement of the ATM computer (black box), and malware attack (where normally a person visits the ATM and adds malware).
According to Telford, there are certain immutable laws of ATM Security:
If a bad guy can alter the operating system on the ATM, it’s not your ATM any more.
If a bad guy has unrestricted physical access to the ATM, it’s not your ATM any more.
If you allow a bad guy to upload programs to the ATM, it’s not your ATM any more.
If a bad guy can persuade you to run his program on your ATM, it’s not your ATM any more.
So what can you do to prevent these situations? There are plenty of physical defences including ATM location planning, ink and anti-skimming. Trusted devices can help against computer replacement/black box, says Telford. There is also layered defence-in-depth software security (firewall, whitelisting, and reducing the number of administrators).
Why are ATMs moving away from Windows XP? The answer is because they have to. Windows 10 offers in-box security enhancements, a long support lifecycle and a long-term servicing model, says Telford, and has the same hardware requirements as Windows 7. The key defence in Windows 10 is Device Guard, which enables a computer to be locked down to only run trusted applications – a virtual “machine” oversees security. If a piece of code is not signed by Microsoft or the user, it will not run. It is also resistant to tampering by an administrator or by malware. In a situation of malware against Device Guard, a trusted system is used to mediate whether apps can run and you cannot boot from an alternate OS. It’s a similar system to an iPhone, for which you can only get signed software from the Apple Store, says Telford.
In summary, Windows 10 is not available yet as an OS from the major ATM vendors, but it’s an appealing platform. The servicing model includes continuous releases but with long-term branches for ATMs. To take advantage of Device Guard, you may need new hardware features on the ATM PC. Finally, techniques for migrating to Windows 7 can also be used to migrate to Windows 10.