Key takeaways from the Microsoft Digital Defence Report, written by Leon Godwin

We drew inspiration from the Churchill War Rooms to host our latest Security Briefing – a venue where strategic defence decisions once shaped our history, and now where security professionals learned from Cloud Direct and Microsoft about the new cyber landscape being shaped by AI-driven threats. 

To paraphrase Winston Churchill: “Never before in the field of digital defence has the security of so many relied so heavily on the vigilance of so few.” The battleground consists of intelligence, speed, and resilience, and adversaries are using AI-powered attacks to rapidly infiltrate and compromise organisations, faster than human-based defences can respond. 

From a day in the life of a modern CISO through attack simulations, to insights from Microsoft’s Aileen Finlay and concrete steps that you can take to adjust to the new threats, I’ll reflect on the event and share my take on the newly released Microsoft Digital Defence Report 2025. 

The reality on the ground

On 13 October, the UK government took the unprecedented step of sending a letter out to all UK businesses to highlight the significance of new cyber threats. The letter’s goal was to fundamentally reclassify cyber security from a technical operational task to a critical board-level imperative. By issuing a direct mandate, the government signaled that the intense and sophisticated nature of modern threats now constitutes a primary risk to national economic stability.  

The Microsoft Digital Defence Report 

The recent release of the Microsoft Digital Defence Report makes it clear why the UK government is so concerned, and why you should be too. 

The threat landscape isn’t just evolving – it’s accelerating. Attacks are more aggressive, more organised, and frankly, more relentless than ever. The UK is now ranked number two in the global index of countries most impacted by cyber threats. 

Defence Report takeaways for the Modern CISO 

One theme that kept coming up during the event was the “prevention versus response” paradigm, or what the military calls “Left of Bang” and “Right of Bang.” The Microsoft Digital Defence Report 2025 makes it clear; you can’t choose one over the other. You need both. 

Here’s a breakdown of the key findings of the report, and actions to take off the back of it.  

1. Identity is the Battleground 

Problem: Attackers aren’t only breaking in, they’re logging in. Identity compromise is still the number one entry point for ransomware and data theft, and it’s getting smarter. When you login to a computer you gate a token that is your permission to use that session for a period of time before you need to reauthenticate. Token theft and Adversary-in-the-Middle (AiTM) attacks are on the rise, bypassing traditional protections. Your traditional Multi-Factor Authentication (MFA) that secured you for many years is now simply not enough. 

Solution: Phishing-resistant MFA is the gold standard. 

Action: 

• Audit your Entra ID environment today. 

• Enforce phishing-resistant MFA for everyone, especially admins. 

• Update legacy authentication protocols.

Impact: Phishing-resistant MFA blocks over 99% of unauthorised access attempts, according to the Microsoft report. If you do one thing this quarter, make it updating your systems from traditional MFA to phishing-resistant MFA. 

2. The Double-Edged Sword of AI 

Problem: AI isn’t just our friend, it’s the attacker’s too. They’re using it to craft convincing phishing lures, scale attacks, and even create deepfakes for fraud. 

Solution: We fight fire with fire. AI-driven defence can now contain breaches in seconds, suspending compromised accounts before a human is aware of an issue. This is helped further now that Microsoft Copilot has been bundled into the M365 E5 licenses, rather than an expensive bolt-on. 

Action: 

• Put an AI governance framework in place. ISO 42001 is a great starting point.  

• Deploy AI-powered tools like Copilot for Security, Microsoft Sentinel, and Defender XDR to automate detection and response. 

• You already have access to the phishing simulations within your M365 subscriptions, you should increase the schedule to be at least weekly. 

Impact: Moving from reactive to proactive defence shrinks dwell time, improves awareness, and limits the blast radius of an attack. 

3. Cyber Risk is Business Risk 

Problem: Too often, security is treated as an IT issue. But as we see in the examination of real-world breaches, it doesn’t just impact systems. It’s effecting revenue, supply chains and reputation. In one case this resulted in liquidation of the business and termination of it’s 700 employees.  

Solution: Security needs a seat at the boardroom table. 

Action: 

• Build reports with metrics that matter including, MFA coverage, patch latency, incident response times.  

• Run tabletop roleplaying exercises so your executive team knows what to do when, not if, the breach happens. 

Impact: A resilient culture means the business keeps moving, even when attackers try to stop it. 

What you can do next 

The MDDR 2025 isn’t just a collection of scary stats, it’s a wake-up call. 

If you’re planning your 2026 roadmap and wondering how to prioritise (or fund) these improvements, let’s talk. We can help secure funding for assessments to pinpoint your weakest links and help provide guidance on your security journey.  

Don’t wait for the breach to happen. Build resilience now.

Sign up to one of our Security Innovation consultancy sessions. These sessions are designed to help you with your specific business challenges  

You’ll have heard it said before that ‘there are two types of businesses: those that get ahead and those that get left behind.’ It’s a prediction that’s starting to look increasingly accurate, particularly when it comes to Financial Services. Here we consider how and where AI is being used in the industry, its broader cultural implications, and what you should do to prepare.

“I think there are three main drivers in our industry right now: one is scale, one is complexity, and one is the risk of becoming irrelevant,” explains Kim Sgarlata, CEO of fiduciary services provider Oak Group.

AI has the potential to assist financial services firms with all three of those challenges.

When we talk about AI in financial services, we’re referring to two overlapping revolutions:

• The increasingly established use of data-driven AI, such as data analytics, machine learning, and task automation, along with
• The emerging use of ‘agentic AI’, to autonomously and intelligently execute workflows.

However, don’t think of AI as just a tool for productivity. It is increasingly central to competitiveness, compliance, and customer trust, within a highly regulated and reputation-sensitive environment. To understand why, and how, let’s take a deeper dive into these two areas.

Data-driven AI

Good data is fundamental to the success of data-driven AI initiatives, and for many its existence is far from a given.

“While storing data has become easier, ensuring it’s clean, governed, and consistent across the organisation is the real challenge today,” explained Jonathan Ball in his role as a Data Architect at 7IM.

But, underpinned by reliable data, AI can deliver improvements in:

• Operational resilience and efficiency
  Using AI to pre-emptively identify and fix IT vulnerabilities, before service outages. For real-time anomaly detection and predictive analytics for financial crime prevention, and for automating manual processes.
• Customer insight and experience
  Using a customer’s profile, goals, and risk appetite to provide personalised financial advice, or sentiment and behavioural analytics to understand customer needs and risk behaviours from transaction and communication data.
• Decision intelligence and risk modelling
  Identification of emerging trends, liquidity risks, or portfolio optimisation opportunities. For improved credit risk modelling and underwriting, and automation of regulatory compliance, such as ESG reporting, or early detection of conduct breaches.
• Innovation and product development
  Personalising insurance and investment products to an individual customer’s needs or drawing new insights from customer data to create new services or partnerships.

The role of Agentic AI

Rather than merely generating an output, Agentic AI can plan, reason, and act autonomously to achieve a goal – theoretically without human oversight. However, Financial Services’ governance requirements mean many are cautious about adoption. So, it’s likely that we’ll see a form of ‘bounded’ autonomy in which systems act within well-defined compliance and ethical frameworks.

Industry watchers are already talking of:

• Compliance monitoring, with AI that identifies potential issues and initiates remediation
• Autonomous trading agents, that operate within tightly governed limits
• Customer service agents that manage whole case journeys (eg from claim to resolution), albeit with human oversight
• Portfolio management copilots that propose and rebalance strategies, in line with ethical and regulatory constraints.

Over time, it’s likely that many more use cases will emerge.

Cultural considerations

Perhaps more than anywhere else, cultural and ethical considerations are as important as the technology in financial services. Trust, regulation and human judgement are integral to how the sector operates.

Here are five key areas for consideration.

• Trust and transparency
  Your organisation’s credibility will be eroded if either customers or regulators mistrust your use of AI. The technology must be understood, and teams must be able to explain why a model makes a decision, such as a loan approval or a risk flag.
• Human accountability
  AI shouldn’t be seen as an ultimate decision maker, but rather as something that can make decisions that humans remain accountable for – just like a well-trained, more junior member of staff. This means having a human oversight mindset, clear ownership, and encouraging people to challenge AI output.
• Data ethics and fairness
  You’ll want your use of AI to reflect your organisation’s stance on bias, discrimination, and data misuse. Certainly, those involved in developing your AI uses must be acutely aware that the end product will reflect any biases in its training data – but you should go further than this. Embed data ethics reviews into model design and discuss what’s fair, rather than merely meeting legal requirements.
• Involve subject matter experts
  AI success is heavily dependent on combining technology expertise with the knowledge of business and regulatory specialists. Bring data scientists, compliance officers, product managers, and customer advocates together in cross-functional teams. Encourage mutual learning and a shared language so these don’t degenerate into us and them, ‘tech versus business’, silos.
• The human touch
  Consideration of AI use can easily become very process oriented, but it can also trigger fear and uncertainty for staff. This needs to be sympathetically addressed. It’s also important to recognise that AI isn’t static and that culture needs to evolve with it. This may include ongoing training on responsible AI, bias awareness, and data handling,  as well as changing your organisation’s measures of staff performance to promote explainability and critical thinking around new AI capabilities.    

“The cost of AI is an investment, but one that pays off in saved time, better decision-making, and automation of repetitive tasks,” notes Matthew Ebo, Assistant Strategic Insights Manager, at Lloyds Banking Group.

Moving forwards

If you don’t yet feel fully ready to take advantage of AI, you’re not alone. EY’s ‘State of Financial Services AI transformation 2025’ survey revealed that only 9 per cent feel they are ahead of their peers in AI adoption. Yet, in the same survey, 61 per cent of UK and European executives said they expect AI to have ‘significant impact’.

So, what should you do if you want to improve your organisation’s AI preparedness?

Register to attend a free 1:1 consultancy with one of our Data and AI experts. In this session we can discuss the individual challenges your organisation is facing and help you discover the ‘Art of the possible’ with the right AI tools in place.

In 2025, the UK’s cyber resilience has been tested like never before. Major brands have made headlines after suffering disruptive cyberattacks, forcing them to halt operations and exposing sensitive customer data.

These incidents are not isolated. The UK government’s latest Cyber Security Breaches Survey reveals that 43 per cent of UK businesses experienced a cyber breach or attack in the past year, rising to 74 per cent among large organisations. Phishing remains the most prevalent and disruptive threat, and the financial and reputational costs are mounting. 

For IT decision makers, the message is clear: robust device management is no longer optional, it’s a strategic imperative. 

The evolving threat landscape

• Identity is the new perimeter: With traditional network boundaries dissolving, user identities have become the frontline of defence. Almost all (97 per cent) identity hacks are password spray or brute force attacks. Despite headlines proclaiming more sophisticated attacks, the majority of identity-based attacks still target weak or reused passwords.

• Ransomware on the rise: Human-operated ransomware attacks have surged, with 90 per cent of successful breaches originating from unmanaged devices outside the visibility and control of IT. 

• The AI impact: AI-driven phishing is now three times more effective than traditional methods. The increasing use of AI by attackers poses new challenges for detection and response, although AI can equally be used to defend against attacks such as by detecting anomalous sign-in patterns.

Why Traditional Approaches Fall Short 

Legacy Mobile Device Management (MDM) is no longer sufficient. The modern enterprise requires Unified Endpoint Management (UEM) and Unified Endpoint Security (UES) – these integrate antivirus, encryption, detection, and response into a single platform, ensuring consistent security across all devices and operating systems. 

How enhanced device management protects your organisation 

1. Limit identity breaches by adopting… 

• Mandatory Multi-Factor Authentication (MFA): Enforce phishing resistant MFA across all devices to drastically reduce the risk of unauthorised access, even if passwords are compromised. 

• Adaptive Access Policies: Integrate with Identity and Access Management (IAM) systems to trigger additional authentication or restrict access based on risk factors like device health, location, or user behaviour. 

• Continuous Monitoring & Zero Trust: Leverage AI and machine learning to monitor for anomalies, enforce “never trust, always verify” principles, and detect compromised credentials before they’re exploited. 

2. Prevent data breaches with… 

• Robust Encryption: Ensure data is encrypted both in transit and at rest, including full-disk encryption and protection for removable media. 

• Data Loss Prevention (DLP): Flag, track, and control sensitive data to prevent unauthorised sharing or exposure. 

• Remote Device Control: Instantly lock or wipe lost or stolen devices to prevent data leaks. 

Turning theory into practice 

Addressing Unmanaged Devices 

• Device Discovery: Use tools like Microsoft Defender for Endpoint to identify all devices (managed and unmanaged) on your network. 

• Onboarding: Bring unmanaged endpoints under management to close visibility gaps and reduce vulnerabilities. 

Leveraging Microsoft’s Ecosystem 

• Microsoft 365 & Defender Suite: Deploy built-in MDM, DLP, and Conditional Access Policies for consistent, integrated security. 

• Intune Security Baselines: Rapidly deploy recommended security configurations to all managed devices, addressing the root cause of most breaches – poor configuration. 

Navigating the Age of AI 

• BYOAI Risks: With four in five AI users bringing their own tools to work, device management is essential for controlling application use and preventing data leakage using tools like Microsoft Defender for Cloud Apps.  

• AI-Driven Security: Modern device management platforms use AI to predict threats, automate policy updates, and shift security from reactive to proactive. 

What next?

1. Assess your current device management posture: Identify unmanaged devices, poor configurations, and BYOAI risks. 
2. Adopt a unified, AI-powered device management strategy: Leverage Microsoft’s ecosystem and you’re existing M365 investment for comprehensive protection. 
3. Don’t wait for a breach: Proactive action today is the best defence for tomorrow’s threats. 

---

Ready to strengthen your security posture?

The Microsoft Security Briefing: Data Defence and Governance

Join industry experts and peers to explore the latest strategies, tools, and real-world insights for protecting your organisation in today’s threat landscape.

Secure your spot

The growing adoption of artificial intelligence and increasingly sophisticated cyber threats have collectively redefined what it means to maintain a secure and performant IT environment. Changes no longer happen in months or even weeks – the IT landscape is seemingly altered daily.

So, how do businesses deal with this increasing complexity? That’s where expert Managed Service Providers come into their own.

Modern environment demand modern expertise

The traditional boundaries of IT management have dissolved. Cloud platforms, remote working, multi-device ecosystems and AI-driven automation are no longer emerging trends but established standards. For many businesses, the sheer pace of change can be overwhelming. Internal IT teams, while expertly skilled, are frequently stretched to their limits by balancing multiple priorities including end-user support, cybersecurity, and strategic planning, without the additional consideration of constant, daily upskilling.

An MSP, however, brings specialised expertise, industry certifications and cross-sector experience to the table. Their teams are immersed in the latest technologies and best practices, enabling them to deliver future-focused solutions that are tailored to your business needs. From optimising your cloud footprint to ensuring seamless device management, MSPs keep your environment current and competitive while your teams can focus on what matters most to them.

Security: Proactive protection in a dynamic threat landscape

Cyber security is no longer a siloed departmental concern; it’s foundational to every part of the business – especially as AI and automation become integral to daily operations. However, with this, the risk profile expands.

Threat actors now use AI-powered attacks, targeting vulnerabilities at a pace and sophistication never seen before. To counter this, your businesses security must be proactive, adaptive, and relentless.

MSPs leverage advanced security tools to defend against evolving risks. Importantly, specialist partners can offer continuous monitoring and rapid incident response capabilities that are often out of reach for in-house teams alone. Compliance, too, can become more streamlined, as providers are familiar with navigating complex regulatory requirements. This ensures that your business meets standards such as GDPR and ISO, and is always audit-ready.

Performance: Delivering seamless user experience

Slow systems, downtime, or poorly integrated applications can erode productivity. MSPs can design and maintain environments and ensure they are fully optimised. They implement best-in-class monitoring tools, fine-tune workloads, and ensure that applications, infrastructure, and data pipelines work in harmony.

This focus on performance extends to business continuity. MSPs develop and regularly test disaster recovery and backup strategies, minimising the business impact of unexpected events. With their comprehensive oversight, potential issues are identified and remediated before they disrupt operations, allowing your teams to focus on innovation rather than firefighting.

Future-focused: Navigating the rapid evolution of AI

The transformational impact of AI in the workplace cannot be overstated. But with opportunity comes complexity (as you may have already experienced). Staying abreast of these developments is a daunting task for many businesses.

Gaining a strategic partner in this journey is critical to stay ahead of the curve. They provide a range of benefits, including:

• Ongoing education to upskill employees across your business
• Access to AI specialists to provide insights on emerging technologies
• Guidance on responsible AI use and ensure compliance with regulations.

Strategic growth: A value-driven partnership

Perhaps the greatest value an MSP offers is the ability for your in-house teams to refocus their energies on what matters most – driving the business forward. Routine maintenance, patch management, license optimisation, and regulatory reporting are handled efficiently. This partnership model transforms IT from a cost centre into an engine of value creation, enabling you to seize new opportunities.

The era of AI and rapid technology transformation has raised the stakes for businesses. MSPs act as trusted custodians of your digital environment, combining technical excellence with strategic foresight. They offer peace of mind ensuring you remain secure, compliant, and always ready to embrace the next wave of technological advancement.

If you’re ready to explore how an MSP can support your business goals, then we’re here with more than 20 years of experience in doing just that. As an Azure Expert MSP, we want all businesses to thrive on Azure, and that’s why we are offering an initial, free-of-charge 90 minute consultancy call to help workshop your challenges.

Sound interesting? Book a call.

Used correctly, AI can transform your organisation’s use of data – and The Data & AI Readiness Playbook gives you a seven-stage process for doing this successfully. However, user adoption can make the difference between success and failure for an otherwise well-thought through initiative. Here we look at the issues you might face and how you can overcome them.

As technologists, we want to believe that it’s our choices and actions that make the real difference. But it’s not tools that transform business, it’s people. Survey after survey shows that it’s user adoption that is the real key to the success of your transformation project“, explains Dan Knott, Cloud Direct Data & AI Practice Lead. 

Motivating employees to use new tools effectively, and measuring and managing this, is the difference between costly failure and transformative success. But before we look at how you do this, let’s consider why this might be necessary.  

Why bother driving adoption?

As humans, we are essentially creatures of habit. Neurologically, our brains are wired to form habits, and they account for roughly 40-45% of our daily actions.  

A new process or technology often requires us to change our behaviour – and it may seem easier to carry on as before. So, there’s also a level of inherent resistance to change that needs to be overcome.   

However, as humans we also have a remarkable capacity for learning and adaptation, but we need to see the benefit of change. Subconsciously we’re asking ourselves ‘what’s in it for me?’     

Where AI is involved there’s often an added mix of practical, emotional, and ethical concerns that also need resolving. Will it take my job? Will AI make decisions for me? Can I trust it? Will I be held accountable for AI errors? Will it be used to monitor me?  

Unless and until people know otherwise, these are valid concerns over what AI means for employees’ roles, job security, and daily experience. 

Tackling AI anxiety and engaging employees in change requires much more than good comms. It requires empathy, clear communication, visible leadership, and a people-first approach.  

Initiatives with strong adoption and change management processes are six times more likely to succeed.

According to a survey by change management specialists Prosi.

How to maximise adoption

If we’re being honest, AI is a big shift and for many employees it will be a big deal. So, let’s treat it like one. Here are seven key elements of driving a successful adoption. 

1. Build Change Management in from the start 
   • Establish a formal change management programme from day one. Change Champions will play a vital role as advocates for changes and as providers of peer-to-peer support. Alongside this you need a communication strategy that clearly explains ‘why’ change is occurring as well as the ‘what’ and ‘how’.  
2. Acknowledge and address user concerns  
   • Openly acknowledge anxiety and recognise that resistance is natural and expected. Different groups of employees will have differing needs, and you may need to create safe spaces for concerns to be voiced. Address common objections head-on with clear explanations and evidence. Often resistance stems from job fears, so be transparent about how roles will evolve rather than disappear. 
3. Explain the benefits  
   • Users like clear, tangible benefits. While it’s important to explain how AI is important to the business, answering ‘What’s in it for me?’ is more important in driving adoption. Position AI as an enabler (rather than a threat) and emphasise how AI can remove tedious tasks and support better decisions. Help people to see how it augments human capability, rather than replacing it. Ideally, tailor the messaging and provide use cases that are relatable to different types of roles.  
4. Involve employees early and often 
   • Inclusion turns resistance into ownership, so invite input into how AI can be used in specific departments. Directly ask: “How and where could AI help you most?” Regularly communicate progress and share real examples of how employees are using AI to make work easier or more rewarding. Since personal stories build trust far faster than tech demos, personalise examples to celebrate people, and not just the tech. For example, ‘How AI is helping Julie to produce monthly reports in half the time’. 
5. Provide practical, role-relevant training 
   • Focus on hands-on, scenario-based training, rather than theory. Deliver the training in as many different bite-sized formats as possible to suit different learning styles: lunch-and-learns, online tutorials, quick reference guides, drop-in sessions. As a rule, when people can see the benefit, they want to know more.  
6. Lead by example 
   • If leaders are visibly seen to be using AI, others quickly tend to follow. Not only does leaders’ use signal AI’s importance, but many of us learn working behaviours and practices from those above us. Nothing builds adoption like seeing your boss on the tools. 
7. Measure and iterate 
   • Success in user adoption requires it to be seen as an ongoing journey rather than a one-time event. Track quantitatively (usage rates, task completion times, errors) and qualitatively (user satisfaction and feedback) and use this to identify adoption barriers and continuously improve. 

Although this may seem like a lot of extra work, adoption is likely to be the single biggest determinant of project success. A good partner will help you to engage and involve internal comms, HR, change management and other colleagues that will help you achieve all this.  

Next steps

Download a copy of The Data & AI Readiness Playbook to learn more. You’ll discover how others are preparing for and using AI, and a seven-step process to unlock the value of your business data.