Microsoft Identity Division's corporate vice president of program management Alex Simons sat down with Dan Patterson to discuss the different threats facing the enterprise today.
CNET and CBS News Senior Producer Dan Patterson spoke with Microsoft Identity Division's corporate vice president Alex Simons about the different threats facing the enterprise today. The following is an edited transcript of the interview.
Alex Simons: Password managers are certainly a good option. In fact, we recommend them to customers all the time saying, "Hey, if you're not going to go passwordless entirely, get a password manager," but they're not super convenient, and a lot of them don't work well across all your different devices. It's not a perfect solution, but definitely it's better than nothing. That's for sure.
There's a whole bunch of valuable information about you in the cloud. Right? Hackers are looking for several different things. They're looking for things that they can monetize, for instance. It's really valuable to be able to hack into my Xbox account and get my avatar because you could resell my avatar and all of my accomplishments on the black market, and someone will buy it. It's actually valuable. If you were able to hack into my bank account, right, then all the sudden you've got way more capabilities. You could go in and transfer money out. Do all kinds of nefarious things probably. All of these accounts represent value, and the minute there's value there, then all the sudden there's an economy, and there are hackers who want to go after that economy.
SEE: 10 ways to raise your users' cybersecurity IQ (free PDF) (TechRepublic)
There are certainly threat actors who are associated with different nation-states around the world. There are threat actors we know, for instance, that are associated with national governments for instance in China, in Russia, and other places like that. There are also large organized bands of hackers who are just kind of loosely affiliated. A lot of the times when you get an email that says, "Oh, I'm from Nigeria, and I'm a prince, and if you just do the following thing, I'll transfer you money," those are loosely-associated bands of hackers, but they have these really professional chains, right? A junior hacker maybe will go out and try to farm lots and lots of accounts, and once they finally find one that's good, then they will resell that account to a much more experienced hacker, who will then come in and actually do the hard work of breaking into the account and expanding and taking over things. There's a wide variety, but they really kind of fall in those two groups: nation-state sponsored and kind of these loosely affiliated bands.
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- 10 dangerous app vulnerabilities to watch out for (TechRepublic download)
- Windows 10 security: A guide for business leaders (Tech Pro Research)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- The best password managers of 2019 (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)