"Microsoft Announces Automatic BEC, Ransomware Attack Disruption Capabilities"
Microsoft announced last year that its enterprise protection suite, Microsoft 365 Defender, will include automatic attack disruption capabilities. It has now been announced that these capabilities will help companies disrupt Business Email Compromise (BEC) attacks and human-operated ransomware attacks. A quick defensive response to cyberattacks is becoming increasingly important for companies. According to IBM Security's X-Force team, the average time to complete a ransomware attack has decreased from two months to less than four days, and the rate at which attackers target employees using compromised email accounts and existing email threads has doubled. Ideally, all organizations would have the appropriate technology in place, as well as a well-staffed Security Operations Center (SOC) that can detect the first signals of an attack. However, SOC analysts are bombarded with alerts, navigating through false positives, and frequently missing critical signs. Several security providers believe that automation is the solution. This article continues to discuss Microsoft's announcement of automatic BEC and ransomware attack disruption capabilities, as well as the need to improve reaction speed to disrupt attacks.