{"id":7230,"date":"2026-02-24T19:10:14","date_gmt":"2026-02-24T19:10:14","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=7230"},"modified":"2026-02-24T19:10:14","modified_gmt":"2026-02-24T19:10:14","slug":"cyber-defense-from-reactive-to-proactive","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=7230","title":{"rendered":"Cyber defense: From reactive to proactive"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>When systems are attacked, we should respond. But how much better would it be if we could anticipate attacks before they strike and stop them with a proactive defense?<\/p>\n<p>Faced with today\u2019s cybersecurity challenges, that is no simple task.<\/p>\n<p>\u201cIt\u2019s a cat-and-mouse situation. AI is changing the speed and sophistication of attacks, and AI is making phishing and social engineering attacks, thanks to deep fakes, harder to detect,\u201d said Kevin McCall, director, cybersecurity, risk, and regulatory at PwC US, speaking during a webcast titled, \u201c<a href=\"https:\/\/urldefense.com\/v3\/__https:\/us.resources.cio.com\/resources\/from-risk-to-resilience-building-a-smarter-cloud-security-strategy\/__;!!Nyu6ZXf5!ookyny_nM3wSj8Cl2ANG25hS8Ue_vv5KrIbZOLOQv-aEUvCYIf1i06tSjUu0w5QdXeOvuxiiFf5PCWo_fuZ7jOD2DwNdBMKWVhM%24\">From Risk to Resilience: Building a Smarter Cloud Security Strategy<\/a>.\u201d<\/p>\n<p>McCall also warns of a \u201csupply chain\u201d of cybercrime consisting of ransomware-as-a-service, as well as threats embedded in developers\u2019 toolsets.<\/p>\n<p>\u201cOnce an attack has occurred, the average time to reduce exposure is 58 days,\u201d noted fellow webinar panelist Nidhu Nalin, principal, cybersecurity, risk, and regulatory at PwC US. A lot of bad things can happen during the nearly two months when malware is on the loose and cyber thieves have access to corporate systems. That\u2019s why being proactive \u2014 detecting and preventing threats, rather than reacting to them \u2014 is so important.<\/p>\n<p>\u201cBeing proactive requires efficient automation. It also requires an integrated platform providing a single pane-of-glass view of the environment, with well-designed, tested, and optimized mechanisms to respond and recover,\u201d said Nalin.<\/p>\n<p>Automation is also important to help overcome the chronic cybersecurity talent gap. \u201cAs AI fuels faster and more sophisticated attacks, relying on staff alone can prolong the detection and prevention of threats,\u201d said Nalin.<\/p>\n<p>Being proactive sounds great, but it doesn\u2019t happen overnight. Multiple disciplines are required, and they should work together. Littus Dsouza, senior product manager at Microsoft, said cybersecurity leaders should focus on these priorities:\u00a0\u00a0\u00a0<\/p>\n<p>Defense in depth with layered security controls<\/p>\n<p>Zero trust, leveraging access controls to never trust but always verify<\/p>\n<p>Multicloud infrastructure to reduce risk and provide redundancy<\/p>\n<p>Security by design that \u201cshifts left\u201d to start and stay secure<\/p>\n<p>Exposure management and attack-path mapping to reduce risk by understanding misconfigurations and vulnerabilities<\/p>\n<p><strong><br \/>What\u2019s the answer?<\/strong><\/p>\n<p>Microsoft Defender for Cloud is a suite of security products, integrated with other Microsoft products as well as third-party applications, that helps enterprises achieve these goals. Because it automates investigation and response, it helps organizations respond quickly while mitigating the need for a large, highly trained staff.<\/p>\n<p>Dsouza noted that Defender for Cloud draws on Microsoft Threat Intelligence, analyzing over 80 trillion signals daily \u2014 information that tells cybersecurity leaders what is coming. \u201cMicrosoft Defender for Cloud transforms security from reactive to proactive by helping organizations anticipate and prevent attacks with continuous monitoring and automated response,\u201d said Dsouza. Defender for Cloud isn\u2019t only for Azure \u2014 it can safeguard workloads across AWS, Google Cloud, and on-premises environments from a single dashboard.<\/p>\n<p>PwC works with Microsoft to help organizations implement Defender for Cloud. \u201cPwC helps enterprises design and implement tailored security architectures, enhance multicloud posture, and align security with business goals,\u201d said Dsouza.<\/p>\n<p>Those efforts paid off for one Fortune 500 company. PwC helped deploy Defender for Cloud across the organization, during a data center migration. Integration with Microsoft 365 and Azure centralized endpoint policy configuration to confirm consistent security across the overall organization, said Nalin.<\/p>\n<p>With bad actors arming themselves with AI, Defender for Cloud and PwC aim to keep you a step ahead. \u00a0Said McCall, \u201cIf you\u2019re not using automation, you\u2019re falling behind.\u201d<\/p>\n<p>View the <a href=\"https:\/\/url.usb.m.mimecastprotect.com\/s\/_-I7CKAo6ofLx4xvUMfRI5AReP?domain=urldefense.com\">full webcast<\/a>. For a deeper dive into Microsoft Defender for Cloud, PwC services, and cybersecurity leading practices, visit: <a href=\"https:\/\/url.usb.m.mimecastprotect.com\/s\/fIxXCM7q9qsjVzV0SJi6I8lwIK?domain=pwc.com\">www.pwc.com\/us\/microsoftcyber<\/a><\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>When systems are attacked, we should respond. But how much better would it be if we could anticipate attacks before they strike and stop them with a proactive defense? Faced with today\u2019s cybersecurity challenges, that is no simple task. \u201cIt\u2019s a cat-and-mouse situation. AI is changing the speed and sophistication of attacks, and AI is [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":7231,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-7230","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/7230"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7230"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/7230\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/7231"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7230"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7230"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}