Embed Size (px)
Citation preview
Pervasive Borderless Evolving
DIGITAL TRANSFORMATIONLAW ENFORCEMENT, EMERGENCY MGMT.
Microsoft Confidential
Cybersecurity is a Executive-level Issue
160MData records compromised
from top 8 breaches in 2015
556Mvictims of cybercrime
per year
$400Bcost of cyberattacks to
companies each year
71%of companies admit they
fell victim to a successful
cyber attack the prior year
$3 Trillionestimated cost in economic
value from cybercrime
industry by 2020
140+Median # of days between
infiltration and detection
Apps and Data
SaaS
Microsoft protecting customers
Malware Protection Center Cyber Hunting Teams Security Response Center
DeviceInfrastructure
CERTs
PaaS IaaS
Identity
INTELLIGENT SECURITY GRAPH
Cyber Defense
Operations Center
Digital Crimes Unit
Antivirus NetworkIndustry Partners
Microsoft Confidential
MICROSOFT’S UNIQUE PERSPECTIVE
300B user authentications each month
1B Windows devices updated
200B emails analyzed for spam and malware
Microsoft Confidential
DCU Malware Takedowns and DisruptionsWaledac
February 2010Spam
Trojan that collects email addresses, distributes spam, posts data to web, downloads executable files.
Proving model of industry-led efforts. Severed 70-90K devices from the botnet.
Hijacks search results, takes victim to dangerous sites. Cost online advertisers upwards of $2.7M each month.
Successful disruption in partnership with Europol EC3, FBI, A10 Networks.
Trojan that distributes spam, steals logins, bitcoins, downloads and executes files.
Partnership between Microsoft and security software vendors. First operation with named defendant.
Malware using Dynamic DNS for command. Involved password and identity theft, webcam and other privacy invasions.
Over 200 different types of malware impacted.
Rootkit-enabled back door Trojan which distributed spam e-mail.
Support by stakeholders across industry sectors.
Involved US & Dutch law enforcement and CN-CERT.
Extremely sophisticated trojan which steals banking credentials. Spread via spam or phishing messages.
Worked in partnership with law enforcement providing technical remediation.
Steals identity, financial info, controls PC, turns off firewall, installs other malware, ransomware.
Cross-sector partnership with financial services. Focused on disruption because of technical complexity.
Focused on online financial fraud responsible for more than $250M in losses.
Coordinated disruption with public-private sector partnerships.
Committed online financial fraud responsible for more than $500M in losses.
Public-private sector partnerships critical for coordinated disruption.
Worm spread via USB and internet. Would infect other devices in common network. Global cyber-security elites joined forces.
Microsoft-led model of industry-wide efforts.
Introduced in the supply chain relied on by Chinese consumers.
Settled with operator of malicious domain.
Ramnit
Module-based malware which concentrates on stealing credential information from banking websites.
International public-private partnership, shut down C&C servers, redirected 300 domains.
Hijacked user’s search results, took victims to dangerous sites.
Takedown in collaboration with Symantec. Proactive notification and cleanup process.
SimdaApril 2015
Identity Theft / Financial Fraud
Uses remote access to steal personal and banking info, as well as install other malware.
Partnered with Interpol and industry partners and activated CME platform to disrupt global malware attack.
Dorkbot
Disables security, steals credentials, personal info, distributes other malware. Spreads via USB, messaging, and social networks.
Partnership with Homeland Security and international agencies.
Microsoft Confidential
Protecting Vulnerable Populations
PhotoDNA has helped detect
millions of illegal images online
www.microsoft.com/photodna
Free cloud-based service
PhotoDNA
Over 100 organizations use the
technology to keep their
platforms safe
Illegal images are reported to the
National Center for Missing and
Exploited Children and other
appropriate authorities
Trusted Cloud PrinciplesCommitment to principles worthy of your organization’s trust
Azure ComplianceAzure has the largest compliance portfolio in the industry
United
StatesHIPAA /
HITECH
FedRAMP
JAB P-ATO
FIPS 140-2 FERPA DISA Level 2 ITAR-readyCJIS21 CFR
Part 11
IRS 1075 Section
508 VPAT
13
IndustryISO 27001 PCI DSS Level 1SOC 1 Type 2 SOC 2 Type 2 ISO 27018Cloud Controls
Matrix
Content Delivery and
Security Association
Shared
Assessments
RegionalEuropean Union
Model Clauses
United
Kingdom
G-Cloud
Singapore
MTCS Level 3
Australian
Signals
Directorate
Japan
Financial
Services
China Multi
Layer Protection
Scheme
China
CCCPPF
New
Zealand
GCIO
China
GB 18030
EU Safe
HarborENISA
IAF
• Video Solutions are more prevalent
• Better analytics will result in more real-
time use of data collected from Video
• Real-time intelligence still lagging
• Access to mission critical communications is paramount
• Desire for high-speed data in the field continues to explode-
common operating picture for the mobile workforce
• Complex environment of multiple software
platforms and devices.
• Integration is critical to intra- and inter-
agency collaboration
Public safety trends
Offender
Management
Prison
Management
Court & Case
Management
Investigation
Management
Integrated Public Safety & Justice
1
2
3
4
Predictive & Policing
Analytics
Real-time
Threat Center
Video Management &
Digital Asset Management
Real-time & Post
Video &
Multi-media
Analytics
• Predicting wild-fires- based on fire-risk data and fire simulations, together with weather forecast information, to inform the day's resource allocations (personnel and fire trucks for example)
• Risk-Based Inspection Systems• Crime Modeling & Trend Analysis
• Near-real-time situational awareness and common operating picture for all connected personnel
• Real-time communications, including Radio-over-IP (RoIP)
• Personnel tracking & Asset Management
3G/4G/LTE
GPS
Wi-Fi Hotspot
3G/4G/LTE Modem
Wi-Fi 900MHz, Custom
Handheld Controller
W10 Device
TacticalDroid Bot
Ground Station
Microsoft’s Intelligence-led First Response Platform
Azure Cloud PlatformAzure IoTCortana Intelligence Suite
Dejero GoBox
Bonded Wireless (3G/4G/LTE, Wi-Fi, Ethernet, microwave and satellite)
Situational AwarenessComputer Aided Dispatch (CAD)Records Management System (RMS)Digital Asset Management
LPR Camera
Body Worn Camera
Wi-Fi
Aeryon sUASLive Video Streaming
Vehicle TelemetricsFleet ManagementVehicle Diagnostics
Automatic Vehicle Location (AVL)
Wi-Fi
Dashboard Camera In-vehicle DVR
Controller/W10 Device
Skype Office 365OfficerBiometrics
Microsoft Band
Microsoft’s Intelligence-led First Response- Vehicle Implementation
Cortana
MFA
Yammer
CCTV
Social Media
CAD/RMS
Cameras
OSINT
Public Safety &
National Security
Users
Other Users
NGO’s/Academia/
Research
Real Time
Monitoring
Threat
Console
Alerting
Post Event
Investigation
Threat
Console
Search
AFIS/ID
MatchingWatch List
Administration
Video &
Metadata
Storage
Video & Metadata
Search
Face
Redaction
Face
Recognition
License Plate
Recognition
Gunshot
detection
Speech to
Text
Encoding &
Streaming
Timelapse
Optical
character
recognition
Hyperlapse
Motion detection
Intelligent Cloud for Public Safety
Citizen Engagement
IACP Center for Social Media
Goal: To build the capacity of law enforcement to use social media tools to prevent and solve crimes, strengthen police-community relations, and enhance services. • 95% of agencies surveyed use social media
• The most common use of social media is for
criminal investigations at 82.3%.
• 78.8% of agencies report that social media has
helped solve crimes in their jurisdiction
• 77.5% of agencies state that social media has
improved police-community relations in their
jurisdiction.
