Microsoft Secure Score: Is Your Guard on Duty?
Would you rather have a security guard for your business who is vigilant, well-trained and knows what to look out for and how to respond to different situations, or a security guard that is inattentive, poorly trained, and might be more interested in their phone than their surroundings?...
Your Microsoft Secure score is essentially the grading of your (cyber)security guard for your company, with a low score equating to the inattentive guard, who forgets to lock the side door, while a high score is comparable to the vigilant guard, constantly monitoring for threats, updating defenses, and responding swiftly to incidents.
To check your current Microsoft Secure Score, go to the Microsoft Secure Score overview page in the Microsoft Defender portal (link below).
https://security.microsoft.com/exposure-secure-score
Note, you’ll need to have appropriate permissions to view this page.
Look for the title that says, "Identity Secure Score." Your score will be shown as a percentage, along with the number of points you've achieved out of the total possible points.
It is worth noting that the Secure Score metric fluctuates regularly depending on your Microsoft tenant (environment), and you will have different options available depending on the type of Microsoft licenses you deploy at your company. Generally, higher-tier subscriptions will offer more cyber security options.
The average Secure Score varies across different industries and regions. Financial institutions in the UK, for example, have an average score of 50.40%, while the industry average in Hong Kong is lower at 48.27%. Interestingly, we have observed a 5-month decrease in the industry average Secure Score recently, indicating that the majority of financial institutions are not keeping up with the increasing number and evolving nature of cyber threats.
For the financial services industry, but it honestly applies to any business, it is recommended to aim for a Microsoft Secure Score of at least 75% or higher. This level of security ensures that the organisation has implemented a robust set of security measures, significantly reducing the risk of cyber threats and enhancing overall protection.
Achieving this recommended Secure Score is crucial for several reasons:
Visibility and Control: Centralised visibility into your cybersecurity status, allowing you to monitor and manage your online cybersecurity.
Benchmarking: Compare your cybersecurity posture against others within the industry, allowing you to identify areas of improvement.
Guidance and Recommendations: Provides actionable recommendations to enhance your cybersecurity one step at a time, making it easier to prioritise and implement security measures (i.e. less user interruption).
Risk Mitigation: Reduce your risk of cyber security breaches to your Microsoft environment and protect sensitive client data.
Improving your Secure Score can be done in one of two ways; if you’re comfortable to adjust the settings within your Microsoft 365 Copilot environment or have an existing support team that can help you, follow the guidance via the link above, but be careful as some of them will impact how users can interact with their accounts and data. Alternatively, you can outsource it to a dedicated cybersecurity company or honestly any business that holds appropriate qualifications and has relevant experience in this field.
Our key message for this newsletter is to raise awareness, so please do forward it to anyone that you know that owns a business and would benefit from checking their score and potentially doing something about improving it (before they become a victim of a costly cybersecurity breach).
If you have any questions or we can help with anything, please feel free to get in touch via our website Contact | Buchanan Technology.
Stay secure and keep your score high! 🚀
