Defender XDR - 8. Secure Score

In the 8th blog post you will learn how to effectively leverage all your insights to prioritize tasks and obtain the assistance needed to secure your environment comprehensively, encompassing endpoints, email, applications, and identity.

The Secure Score is one of the best features in the Defender XDR portal, and an ideal way of improving security in your environment. By using Secure Score effectively, you can reduce the risk level significantly.

Agenda:

• Introduction
• What is Secure Score
• How to use Secure Score
• My Recommendations
• Conclusion

Introduction

Cybersecurity is a crucial aspect of any organization's success in the digital age. With the increasing complexity and sophistication of cyber threats, it is essential to have a comprehensive and proactive approach to protect your data, devices, and users. However, managing cybersecurity can be challenging, especially for small and medium-sized businesses that may not have the resources or expertise to implement and monitor all the best practices and tools.

That's where Microsoft Secure Score comes in. Microsoft Secure Score is a tool that helps you assess and improve your security posture across Microsoft 365 services, such as Azure Active Directory, Defender for Endpoint, Defender for Office, Defender for Cloud Apps, and more. It gives you a numerical score that reflects how well you are following the security recommendations from Microsoft and provides you with actionable insights and guidance to prioritize and implement the most impactful security improvements.

In this blog post, I will explain what Microsoft Secure Score is, how it works, and how you can use it to boost your cybersecurity. I will also share our recommendations on how to effectively leverage all your insights to prioritize tasks and obtain the assistance needed to secure your environment comprehensively, encompassing endpoints, email, applications, and identity.

What is Secure Score

Microsoft Secure Score is a security analytics tool that measures and compares your security posture across Microsoft 365 services. It is based on the Microsoft Security Maturity Model, which defines four levels of security maturity: basic, integrated, advanced, and dynamic. The higher your level of security maturity, the more resilient you are to cyberattacks and the better you can protect your organization's assets and reputation.

Microsoft Secure Score helps you achieve higher levels of security maturity by providing you with a score that reflects how well you are following the security recommendations from Microsoft. The score is calculated based on the security controls that you have enabled or configured in your Microsoft 365 environment, such as multifactor authentication, encryption, threat protection, and more. The score also takes into account the potential impact and effectiveness of each security control, as well as the level of user impact and implementation cost.

Microsoft Secure Score also gives you a breakdown of your score by category, such as identity, devices, data, apps, and infrastructure. You can see how your score compares to the average score of your industry peers, as well as the maximum possible score that you can achieve. You can also track your score over time and see how it changes as you implement or update your security settings.

You're given points for the following actions:

• Configuring recommended security features
• Doing security-related tasks
• Addressing the recommended action with a non-Microsoft application or software, or an alternate mitigation

You only get points for some actions if you finish them completely. For others, you get some points if you do them for some devices or users. You can decide to accept the risk or remaining risk if you don't or can't do one of the actions we suggest.

You'll see recommendations for any of the supported Microsoft products that you have a license for. We display all the potential recommendations for a product, no matter what license edition, subscription, or plan you have. This helps you learn about security best practices and boost your score. Your overall security level, represented by Secure Score, doesn't change based on what licenses your organization has for a specific product. Remember that security needs to be weighed against usability, and not every recommendation may suit your environment.

The information displayed in the visualizations and recommended action pages is used to calculate your score in real time. Secure Score also updates daily to get system data about how many points you have earned for each action.

How to Use Microsoft Secure Score

To use Microsoft Secure Score, you need to have a Microsoft 365 subscription and an administrator role. You can access Microsoft Secure Score from the Defender XDR portal.

Once you access Microsoft Secure Score, you will see your current score and the breakdown by category. You can also see the list of security recommendations that Microsoft provides to help you improve your score and your security posture. Each recommendation has a description, a rationale, a level of user impact, an implementation cost, and a score increase. You can also see the status of each recommendation, such as not scored, ignored, or resolved.

To implement a recommendation, you can either click on the "Go to settings" button, which will take you to the relevant service or setting where you can enable or configure the security control, or you can click on the "Learn more" button, which will take you to the documentation or guidance on how to implement the security control. You can also mark a recommendation as ignored, if you have a valid reason to not implement it, such as a business requirement or a technical limitation. However, you should be careful when ignoring recommendations, as it may lower your score and expose you to potential risks.

You can also review your resolved recommendations and undo them if needed. You can also export your recommendations and your score to a CSV file, which you can use for reporting or analysis purposes.

My Recommendations

Microsoft Secure Score is a powerful and useful tool that can help you improve your cybersecurity and achieve higher levels of security maturity in a structured way. However, it is not a silver bullet that can guarantee your security or compliance. It is a tool that provides you with guidance and insights, but it is up to you to decide how to use them and how to prioritize your security tasks and resources.

Here are some of our recommendations on how to effectively leverage Microsoft Secure Score to boost your cybersecurity:

• Review your score and your recommendations regularly. Microsoft Secure Score is updated daily, and it may change as Microsoft adds new security controls or updates existing ones. You should review your score and your recommendations at least once a week, or more frequently if you have a dynamic or complex environment. You should also review your score and your recommendations after any major changes in your environment, such as adding new users, devices, or apps, or migrating to a new service or platform.
• Focus on the most impactful and feasible recommendations. Microsoft Secure Score provides you with a lot of recommendations, but not all of them are equally important or relevant for your organization. You should focus on the recommendations that have the highest score increase, the highest potential impact, and the lowest user impact and implementation cost. You should also consider your organization's specific needs, goals, and constraints, such as your industry, size, budget, and risk appetite. You should prioritize the recommendations that align with your security objectives and that are feasible to implement in your environment.
• Obtain the assistance needed to implement the recommendations. Microsoft Secure Score provides you with guidance and resources to help you implement the recommendations, but you may not have the time, skills, or resources to do it by yourself. You may need to obtain the assistance of other stakeholders, such as the diffrent IT teams, your management, your users, or your external partners. You should communicate the benefits and the rationale of implementing the recommendations and get their buy-in and support.
• Monitor and measure your progress and results. Microsoft Secure Score allows you to track your score and your security posture over time and see how they change as you implement the recommendations. You should monitor and measure your progress and results and use them to evaluate the effectiveness and the impact of your security improvements. You should also use them to identify any gaps or issues that may arise, and to adjust your security strategy and actions accordingly. You should also report your progress and results to your stakeholders and celebrate your achievements and successes.

Conclusion

Microsoft Secure Score is a valuable tool that can help you assess and improve your security posture across Microsoft 365 services. It gives you a numerical score that reflects how well you are following the security recommendations from Microsoft and provides you with actionable insights and guidance to prioritize and implement the most impactful security improvements. By using Microsoft Secure Score, you can boost your cybersecurity and achieve higher levels of security maturity.

I hope that this blog post has helped you understand what Microsoft Secure Score is, how it works, and how you can use it to boost your cybersecurity. I also hope that my recommendations have helped you leverage Microsoft Secure Score effectively and efficiently.

‍