Get immediate help for cyber attacks with our new Incident Response services LEARN MORE >

Services

We’re a selected team of skilled cybersecurity professionals who work as an extension of your IT staff, as well as best-in-class technology to add an additional layer of protection to your organization.

View our Managed Services
Ask About Our Outsourced Cybersecurity Program

Our comprehensive outsourced cybersecurity program leverages advanced technology and expert professionals to enhance your security without the need for in-house capabilities.
 

Learn more

Partners

We collaborate with best in the business to ensure our customers receive the highest levels of care and support. These trusted relationships allow us to better serve and educate our customers.

Regional Partner of the Year Award

Partner of the Year Award

Why Inversion6

With an abundance of solutions and providers, the task of choosing the right option is critical and can sometimes be overwhelming.

industry validation

"Thanks to Inversion6, we now have an established protocol and response procedure whenever incidents are detected. Now, we are able to act immediately to prevent a security event from becoming a larger incident."

Read Full Story

Resources

Our experts are thought leaders in the cybersecurity space. From blogs to publications and webinars, check out these resources to learn more about what’s trending in our industry and how you can stay ahead.

Why Cybersecurity Should Be Driving Your Enterprise Risk Management Strategy

By Christopher Prewitt

Read Article
Latest Inversion6 Press

CISO Craig Burland’s latest byline in Cyber Defense Magazine discusses the importance of accountability in cybersecurity.

View Story
June 9, 2025
By: Ken Perkins

5 Practical Lessons from the Latest Microsoft Digital Defense Report


Microsoft blocks 600 million cyberattacks every single day, and yet identity breaches, ransomware and accelerated scams are still popping up faster than most small and midsized businesses (SMBs) can knock them down.  

The most recent Microsoft Digital Defense Report (MDDR) reveals five standout patterns that point the way toward smarter defense. From stubborn password problems to ransomware gangs tampering with your security tools and sprawling attack paths leaving “crownjewel” assets exposed. 

Here are some tips on how to turn those insights into action—and solve some of today’s highest risks. 

 

1. Protect the Passwords 

According to Microsoft, 99% of identity attacks still aim for passwords; in fact, they block roughly 7,000 password-based attacks every second. It’s a stubborn problem, but one of the best ways to fight back is to move toward phishing-resistant Multi-Factor Authentication (MFA).  

Technologies like passkeys (FIDO2, Windows Hello) and number matching in Microsoft Authenticator make common tactics like credential replay, spraying and phishing much harder to pull off. 

SMB action plan: Enforce MFA across the board. Mandate passkeys for admins and use Conditional Access policies based on user location or device. Inversion6 offers a quick-start sprint to roll out tenant-wide Entra ID policy hardening. 

 

2. Assume Ransomware Will Strike 

Ransomware is no longer just an opportunistic threat; it's becoming much more sophisticated and persistent. According to the MDDR, human-operated ransomware attacks have nearly tripled year over year. 

Attackers are also evolving fast, employing more sophisticated tactics like disabling or tampering with antivirus or EDR tools before launching their full-scale attack. In just one month, Microsoft observed 176,000 of these sorts of tampering events. 

SMB action plan: Lock down tamper protection in Microsoft Defender and deploy Intune security baselines. Segment your backups away from the main network and rehearse recovery with “assume breach” scenarios—including just-in-time admin access using Privileged Identity Management (PIM). 

 

3. Shorten Your Attack Paths 

According to Microsoft, 90% of organizations have at least one attack path that leads directly to sensitive accounts. Even worse, 40% of those paths involve lateral movement through non-interactive Remote Code Execution (RCE).  

The good news? Less than 1% of assets are truly mission-critical, making prioritization achievable. 

SMB action plan: Use exposure management tools to scan for attack paths. Identify the top three high-risk chains and implement zero trust segmentation to block lateral movement and safeguard crown jewel assets. 

 

4. Get Ready for an AI Arms Race 

Right now AI is powering both the good guys and the bad. Hostile nation-states and cybercrime groups are using AI-generated images, deepfake audio and realistic spear-phishing kits to scale and personalize attacks.  

Meanwhile, defenders are using Microsoft’s Security Copilot and Defender XDR to cut incident triage time. These tools can be powerful, assuming they’re properly set up and trained. 

SMB action plan: investigate Microsoft Security Copilot or engage a Managed Security Service Provider (MSSP) to co-manage the tool. For key processes, consider adding voice biometrics as a fallback authentication method. Update your incident response runbooks to include steps for verifying deepfakes. 

 

5. Fight Fraud with Better Tools & Training 

Fraud isn’t just rising, it’s exploding. According to Microsoft, tech support scams now generate over 12 million hits per day, eclipsing traditional malware and phishing. Analysts also report a 58% spike in phishing, including newer tactics like QR code lures and inbox rule manipulation. Meanwhile, covert app-layer DDoS attacks peaked at 4,500 per day in June 2024; a reminder that availability is also a security issue. 

SMB action plan: Enable Microsoft Defender for Office Safe Links, which now rewrites malicious QR codes. Run quarterly phishing simulation drills and reward employees who report suspicious messages. For public-facing apps, invest in Azure DDoS Network Protection or a comparable service to protect against disruptions. 

 

Inversion6’s Microsoft Security Assessment benchmarks your organization against these  key areas and more. Even better, we’ll deliver a 90-day remediation roadmap customized for your business.  

Contact us today to learn more. 

Post Written By: Ken Perkins

Related Blog Posts

Let's TALK

Our team of experts in information security, storage, and networking works alongside your team to implement technology solutions that are smart, flexible, and customized to fit your needs. Ready to learn how we can help strengthen your technology environment? Fill out the form below to get started.

TALK TO AN EXPERT