What you don’t know can’t hurt you. Really?

Man and woman looking at computer.png

Let’s turn that old saying around. What you don’t know CAN hurt you.“What don’t you know?” is a better question – one that’s particularly suitable when it comes to your customers’ security.

There are some aspects of cybersecurity that are impossible to know ahead of time, like when an organization will be hit, or by whom, so it’s even more important to master the things you can. Early detection is imperative to protecting an organization.

However, many companies don’t act until after a data breach occurs. A 2017 Cost of Data Breach Study by the Ponemon Institute shows that the mean time to identify a data breach is 190 days.

Once a breach occurs, organizations will typically try to tighten their security posture. Forrester asked global decision-makers responsible for network security what they have changed at their firm as a result of the breaches occurring in the past 12 months:

  1. 35% - Additional security and audit requirements
  2. 28% - Security and/or privacy are regularly evaluated/discussed
  3. 27% - Increased spending on threat intelligence capabilities
  4. 26% - Increased spending on prevention technologies
  5. 22% - Increased spending on incident response programs

While these measures are all important, ideally organizations would have both proactive and reactive security measures that help protect, detect, and respond to cyber threats. This is where security assessments come in. They’re powerful tools that shine a light onto potential problem areas, helping organizations make informed decisions about their security position. 

Partner-led security assessments help drive more productive customer engagements

Our expanding set of assessments make it easier for partners to help customers become more proactive by giving them a clearer understanding of their security position, potential risks, and a roadmap to move forward:

  • Office 365 Security Assessment: Help identify a customer’s security objectives and requirements and help them create a prioritized and actionable security roadmap for Office 365 with this two-day assessment. This assessment is based around Office 365 Secure Score. Download here.
  • Shadow IT Assessment: Help customers discover cloud usage in their organization, including Shadow IT reporting and control, using Microsoft Cloud App Security. This is a three-day assessment. Download here
  • GDPR Detailed Assessment: Help identify a customer’s GDPR maturity level by assessing the organization’s people, processes, and technology relevant to GDPR in this two-day assessment. Download here
  • Rapid Cyberattack Assessment: Help businesses understand their vulnerabilities to rapid and destructive cyber attacks and provide them with recommendations on mitigating attacks with this short survey and technical assessment. Download here

Each assessment addresses a unique customer need so you can choose the right one for a customer’s particular need.

“Everything starts with an assessment. It’s a truism around our organization that you pretty much can’t do anything until you know something about the client and you have assessed their vulnerabilities.”

-Bruce Ward, VP of Business Strategy, Peters & Associates

Use the assessments above as a convenient starting point for informed customer conversations that reinforce your position as a trusted advisor. And, visit the Microsoft 365 Security and Compliance Partner Portal for more information and resources.


Great post, very useful. 

Level 6 Contributor

Great insight on security in companies which is a very interesting topic nowadays when hackers are so specialized in their field. We need as entrepreneurs to act to prevent those sad things occuring and to do this cyber-security from competent partners is required and self diligence by avoiding to visit suspected sites.


Thanks Natee!

This is a very important topic and as IT is now part of everything in society - we as part of the industry need to do everything that we can. 

Partners that are great at cybersecurity will help customers to stay safe and that is great for everyone. Better to be prepared for the worst instead of falling victim of bad planning. There are things that you can probably not protect yourself fully from, but their are many scenarios where you can minimize the impact by taking the right precautions. And this is where we as partners can make an effort.


Regards, Per


PS. Being great at cybersecurity is also a very profitable practice area with growth potential.