Office 365 is being rapidly adopted globally by both the private and public sectors. But the rush to the cloud and SaaS services, such as those offered by Microsoft and Amazon, may have a cybersecurity downside.

In more than 70 per cent of the breaches investigated over recent years, compromised credentials played a significant role. 

It looks certain this trend is continuing with the recent Office 365 breaches. Organisations need to ensure their threat lifecycle management (TLM) platform has user and entity behaviour analytics (UEBA) to make the most from the latest artificial intelligence (AI) and machine learning (ML) capabilities.

Using AI and ML is critical for looking at changes to user behaviour, indicative of compromised credentials, in large datasets. AI and ML can do the heavy lifting to create a list of high-risk users that human analysts in the security operations centre (SOC) can investigate further.