Video
“Security is a team sport,” says Microsoft Security Response Center head
Eric Doerr responds to Solorigate incident, calls on cyber community to share information to thwart bad actors
CTech | 16:13, 15.02.21
“We were effectively a first responder in what we call the Solorigate incident, we worked with many customers to help them figure out what was going on, and then, of course, we were an attempted victim. So in a weird way, we kind of connected customers and the industry and saw this from an interesting vantage point,” Eric Doerr, who leads the security response team at Microsoft said in an interview with Ron Friedman during Calcalist’s Cyber Conference.
“Everything we learned about this event just reinforced this concept that the industry talks about zero-trust, the notion that you have to trust, but verify things in your network. What we saw was that our in-depth-defense worked, the bad actor was not able to use some of the techniques that they were able to use against other victims,” Doerr said. “That’s why we reiterated what are the best practices, what are the things in general that you can do to protect yourself, as well as taking the learnings from working with our customers around the world, seeing the workings of this actor and we worked very hard to publish that information as rapidly as possible so that other people could benefit from the findings and not need to discover it themselves in their own networks.”
Asked whether the cyberwar could ever be won, Doerr responded that “I don’t know that we’ll ever be able to stop being vigilant against cyberattacks, but the thing I would say is worth thinking about is that there are way more good companies and good people than there are bad actors. So our number one asset is that there are more of us. And if we come together and lock shields, and share information, then we can be better positioned.”
“If we don’t share information then the
bad actors can use the same techniques over and over again, victim by victim. But if we do talk to each other, share information, and band together, then we will be much more effective at stopping these bad actors and making it hard to do their job. That’s what we did with the Solorigate incident, is equip other people to thwart these bad actors and that’s why we are calling on everybody in the industry to do more of. As people say, security is a team sport,” he said.
Doerr also discussed the findings of a new global survey Microsoft conducted to measure clients’ sentiments about cybersecurity in the Covid-19 era, recent trends in cyber protection, and the Israeli D&D center’s role in the tech giant’s innovation pipeline.