Cyber Security
Attackers are no longer breaking in. They are logging in.
A plain-language guide to Identity Threat Detection and Response, often shortened to ITDR, and why it has become essential protection for every business that uses Microsoft 365.
For years, cyber security was largely about keeping threats off your devices. Antivirus software watched for malicious files, firewalls guarded the network, and the goal was to stop an intruder getting in. That work still matters. The trouble is that the most damaging attacks today do not look like an intruder at all.
The fastest growing threat to New Zealand businesses is not a virus on a computer. It is a criminal signing in to a Microsoft 365 account using a stolen password, then quietly reading email, learning how the business operates, and waiting for the right moment to change an invoice or redirect a payment. To the system, nothing looks wrong. Someone simply logged in.
|
The numbers tell the story The National Cyber Security Centre, the government agency responsible for cyber security in New Zealand, reported that unauthorised access was the single most expensive category of cyber attack, accounting for $3.7 million in losses in a single quarter. Its research also found that one in three small businesses had experienced a cyber attack in just six months, and that the estimated cost of a data breach for a small business is around $173,000. |
Why a strong password is no longer enough
Most businesses already use a password together with multi factor authentication, which is the code or prompt on your phone when you sign in. That remains an important layer of defence. The problem is that attackers have learned to get around it.
They trick staff into approving a login prompt they did not expect. They steal the active session straight after a genuine login, so they never need the password or the code again. Or they simply buy working credentials that have already been harvested from somewhere else. Once they are inside, traditional protection goes quiet, because to every system involved it looks like one of your own people doing their job.
What Identity Threat Detection and Response actually does
Identity Threat Detection and Response, or ITDR, fills exactly this gap. Rather than guarding the front door, it watches what happens after someone has logged in, around the clock, looking for the tell-tale signs of an account takeover and acting before the damage is done.
- It detects sign ins from unexpected locations and unusual patterns of behaviour.
- It spots stolen session tokens and attempts to bypass multi factor authentication.
- It catches the quiet mailbox rules attackers create to hide their fake invoices and replies.
- It is backed by a real team of analysts who investigate genuine threats and respond on your behalf, day and night.
In short, it is the natural next step beyond passwords and multi factor authentication. It assumes that sooner or later a credential will be compromised, and it makes sure that when that happens, someone is watching.
How we help
At Computer Services, we manage Identity Threat Detection and Response as part of a layered approach to security. We set it up, tune it to your organisation, and respond to alerts so that you do not have to. The aim is simple. We want a stolen password to be an inconvenience rather than a disaster.
|
Would you like to understand whether your Microsoft 365 accounts are exposed? We are happy to walk you through it, with no obligation. Or call us | New Zealand 0800 002 367 | Australia 0064 9 441 6509 |
Computer Services Ltd | Your Managed Services Provider | New Zealand Business Number 9429042468806
Source for statistics: National Cyber Security Centre, Cyber Security Insights and 2024 small and medium business research.
