Microsoft Copilot for Security and NIST 800-171: Access Control
The second blog in this series will dive into the very first requirement family - Access Control (3.1) - and how organizations may deploy Microsoft Copilot for Security (Security Copilot) to meet the requirements entailed. This requirement family is arguably one of the most paramount because of the remarkable growth in identity-based attacks and the need for identity architects and teams to work more closely with the Security Operations Center (SOC). Microsoft Entra data noted in the Microsoft Digital Defense Report shows the number of “attempted attacks increased more than tenfold compared to the same period in 2022, from around 3 billion per month to over 30 billion. This translates to an average of 4,000 password attacks per second targeting Microsoft cloud identities [2023]”.Protecting Public Data and Trust with Azure Security and Microsoft Entra – A State DOJ Case
On June 27, 2022 - California Department of Justice launched a new Firearms Dashboard Portal with altruistic intentions to “improve transparency and information sharing for firearms-related data” and “balance its duties to provide gun violence and firearms data to support research efforts while protecting the personal identifying information in the data the Department collects and maintains”. Fast forward less than 30 days, the Attorney General’s office is now being sued by two different parties, a national non-profit on July 1 and a group of four CA citizens on July 18 respectively. Both lawsuits are predicated on the assumption that the bold text was not upheld. The CA DOJ and the CA Attorney General are not alone in facing the three pressures that incited this particular incident. Citizens want greater transparency when it comes to community health data, criminal activity, and other politically impacted domains like firearm ownership. This data comes in many forms (databases, video footage, internal reports/memos, court documents, etc.) and resides on a broad array of digital locations. This data is of special interest to hackers looking to leverage Personal Identifiable Information (PII) for financial gain OR hacktivists desiring to expose a particular truth or perceived truth by leaking the information to the broader public.
