Microsoft’s 2025 Cybersecurity Guide: Strengthening Identity Protection and Threat Defense

Microsoft’s 2025 cybersecurity strategy emphasizes a "secure by default" approach, Zero Trust principles, and AI-driven protections.

Published: Jan 29, 2025

Key Takeaways:

  • Microsoft suggests enforcing MFA and mitigating risks from shadow IT and non-human identities.
  • Organizations should implement Zero Trust principles across all resources.
  • Security Copilot helps reduce incident response time, while generative AI assists in managing app risks.

Microsoft has detailed key security recommendations for enterprises in 2025, emphasizing a proactive approach to data protection. The company urges businesses to strengthen their defenses against AI-driven attacks and phishing threats by adopting advanced security measures.

“Reactive security isn’t enough to safeguard your environment. Our guidance for 2025 is to always start at the highest level of security (Secure by Default), then dial back as needed for compatibility or other reasons. It’s also critical to protect all identities: employees, contractors, partners, customers, and, most importantly, machine, service, and AI identities,” said Joy Chik, President of Identity & Network Access at Microsoft.

Strengthen security with a “Secure by Default” approach

Microsoft urges organizations to adopt a “secure by default” approach by enforcing multifactor authentication (MFA) and addressing security risks from shadow IT and non-human identities. Administrators should actively detect and monitor unauthorized apps within their systems to strengthen security.

To address these challenges, Microsoft has introduced features like managed Conditional Access policies and phishing-resistant authentication methods such as passkeys. Additionally, the company has expanded MFA support to Microsoft Azure and Intune portals, enhancing overall protection.

Extend Zero Trust access controls to all resources

Microsoft also recommends that organizations extend Zero Trust principles to all resources and entry points. Organizations can consider unifying access policy engines, extending modern access controls to all apps and internet resources, and enforcing least privilege access. Microsoft suggests using the Entra Suite to implement a Zero Trust security model, and Entra Private Access to replace traditional VPNs with a more secure, modern solution.

Use Gen AI to protect against cyber threats

Microsoft has found that Security Copilot helps organizations reduce the average time required to address security incidents by 30.13 percent. The integration of Security Copilot with the Microsoft Entra admin center is currently available in preview for commercial customers. Security teams can leverage it to mitigate and block identity compromise attacks within their organizations.

Additionally, administrators can use natural language commands to troubleshoot sign-in issues and gain actionable insights across user and group details as well as sign-in, audit, and diagnostic logs. Generative AI is also useful for managing and remediating app risks and gaining insights into workload identities, permissions, and cyber threats.

Microsoft is taking a proactive approach to enhance security by removing outdated and non-compliant systems. As part of this effort, the company has deleted 730,000 obsolete apps and eliminated 1.7 million unused Microsoft Azure Active Directory and Entra ID systems from both production and test environments.
