When the cyber criminals come calling, how fast can you shut the door?

A strong security strategy has never been more important, but it should also include effective post-breach tools to limit potential damage, according to a recent study.

The study by Forrester Consulting found that organizations that use Windows Defender Advanced Threat Protection (ATP) reduce the risk of data breach costs by 40 per cent. Windows Defender ATP provides preventive protection, post-breach detection, investigation and response, as well as centralized management of the end-to-end security lifecycle. “By identifying more suspicious threats and addressing them faster, organizations can reduce their overall security risk,” the study says.

Security experts say that, despite best efforts, it’s not a question of ‘if’, but ‘when’ a breach will occur. Seventy-four per cent of businesses have, at one point, been compromised by cyber events. The ability to reduce the impact of a breach pays off given that the average cost of a security incident is estimated to be $3.6 million.

Preparing for the worst

A comprehensive security solution was vital for clothing manufacturer Fruit of the Loom as part of its digital transformation. To mitigate software and firmware threats, Fruit of the Loom is using security features built into Windows 10—constantly updated under the Windows as a service model—which helps IT to deliver a modern and secure technology experience for employees, with very little work required. “Windows as a service with Windows 10 helps us stay up-to-date with the latest security features to defend against modern attacks,” says Berry. “Now, we have the tools to discover, investigate, and contain attacks if they do reach our endpoints.”

Organizations are looking for solutions that enable them to protect, detect and respond to even the most sophisticated threats. Windows 10 changes the game for security in organizations by protecting user identities, information and devices from threats, with a comprehensive and fully integrated set of advanced security capabilities. Windows Defender ATP collects behavioural data at endpoints and uses advanced analytics and machine learning to identify potential attacks. According to the Forrester study, it catches 1.7 times more threats than other endpoint detection and response tools.

After alerting the organization to the threat, Windows Defender ATP provides forensic evidence across the entire network to help uncover the scope of the breach, saving time for security teams.

The system includes tools to quickly “shut the door” to contain the attack and to prevent reoccurrence. “You can quarantine a machine, collect a forensics package, identify a file to be blocked across the environment or kill a process in real-time,” says Dan Kaufman, Microsoft Director of Security Operations. Once a bad file is discovered, the system will also track all of the users that received the file to prevent the problem from spreading. Organizations can learn more about how Windows Defender ATP can protect them from cyberattacks or sign up for a free trial here.

Reducing the risks

The Forrester study found that by using Windows Defender ATP, organizations could investigate and remediate threats four times faster than with the tools they had before. The post-breach system also reduced the downtime for end users by as much as four hours per event and saved time for the IT team. Since Windows Defender ATP is built into the Windows operating system, it is always up-to-date and requires minimal testing or troubleshooting. Overall, Forrester reports that organizations using the tool experienced benefits of $2.3 million over 3 years, with a return on investment of 53 per cent.

“The old adage is to expect the best but prepare for the worst,” says David Weston, head of research for Windows Defender ATP. “A post-breach system gives you that peace of mind and that backstop when threat prevention fails, you still have the ability to detect and contain threats.”

Interested in a post-breach solution? Learn more about Windows Defender Advanced Threat Protection here.