+44 (0) 1367 701 500

Office365: Protecting the largest, most popular Saas application

December 22, 2020

Office365 is Microsoft’s fastest-growing product. A staple for individuals and organisations alike, the SaaS offering has dominated the productivity space, with more than 258 million users and 75 million Team users. Covid-19 has significantly accelerated the adoption of Office365 across the globe.  As a result, organisations are exposed to new cyber threats and challenges that they may not be prepared or aware of.

For many users, Office365 is the core of enterprise data sharing, storage, and communication. It is therefore no surprise that it has become a prime target for cyber attackers. With its ecosystem of programs, Office365 account takeover has become the largest security threat vector in the cloud, beating email compromise.

  • Takeovers cost an estimated $6.5-$7 billion in losses across multiple industries
  • Between 2018-2020, there’s been a 98% rise in compromised credentials to accounts
  • 99% of cloud security failures are in the customer’s portion of the responsibility model
  • 56% of breaches are taking months or longer to discover

Thanks to Vectra, the entire Office 365 ecosystem can be protected against data breaches. Cognito Detect sees threats emerging from the cloud in real-time and stops them in their tracks. Users can identify threats across the entire network, tying together attacker activities and progression between cloud, hybrid, and on-prem environments.

For their recent Spotlight report, Vectra was able to observe 4 million Office365 accounts over a 90 day period. They were able to identify suspicious high-risk behaviours associated with attacker techniques exploiting built-in Office 365 capabilities.

Lateral movement is the most common type of suspicious behaviour (the techniques attackers use to move through a network in search of key data), closely followed by command-and-control communication.

  • 96% of customers sampled exhibited lateral movement behaviours
  • 71% of customers samples exhibited suspicious Office365 Power Automate behaviours
  • 56% of customers samples exhibited suspicious Office365 eDiscover behaviours

Attackers live off the land using legitimate Office365 tools and features to remain hidden and bypass security controls. Cognito Detect puts an end to Office365 account takeovers by understanding attacker behaviours and account privilege.

Crucially, Vectra can help you to identify and remediate any threats within Office365 in real time.  Please get in touch today if you would like to find out more, and one of our friendly experts would be more than happy to walk you through the process.

Core to Cloud Ltd | LinkedIn

Consultancy for the planning and implementation of sustainable security strategies that meet expectation, embrace innovation and build foundations for secure digital business. Why Core to Cloud? We deliver solutions that help organisations to discover, defend and respond to the latest security threats on the horizon and to also ensure compliance.

Fancy a coffee on us this Friday? ☕ Join us at 11am to see first-hand how the @Vectra_AI and @cybereason platform integration works to help security teams combine network and endpoint data for full visibility and accelerated response to cyberattacks. https://bit.ly/33pW6be

Load More...

Certifications