As we explored the capabilities of Copilot for Security, we discovered that while the native plugins offer access to a vast array of data, they didn't cover everything we needed for some of our specific use cases and promptbooks. For instance, we wanted detailed insights into Conditional Access policies from Entra ID, Intune policies, Secure Score, and more. Although Microsoft continues to enhance the native plugins by adding new skills, we opted to develop our own custom plugins.

Fraudulent cyber attacks targeting the airline industry are a common issue largely seen coming out of the underground, such as the deep and dark web. According to RSA Security, airlines are the industry most affected by online fraud, accounting for 46% of fraudulent transactions. As a result, the financial costs for airlines are huge with losses due to fraud estimated at 1.2% of the total global airline revenue.

We're excited to announce that Protiviti, a global leader in consulting services and recognized authority in Microsoft compliance and identity, has formed a strategic partnership with BlueVoyant, an industry-leading MXDR Sentinel services provider, that additionally offers an AI-driven cyber defense platform.

We are over the moon to share that BlueVoyant has been awarded the Microsoft Worldwide Security Partner of the Year, demonstrating our leading-edge cyber defense capabilities and our strong partnership with Microsoft. We have also been recognized as the Microsoft United States Security Partner of the Year for the third time, and the Microsoft Canada Security Partner of the Year for the first time.

October is rapidly approaching, and that means new cybersecurity regulations known as NIS2 are set to be enacted by European Union (EU) member states. States are required to publish their local version of the NIS2 Directive into law by the 17th of October. Whilst many countries are well on track, however, some have already acknowledged they will not meet the deadline. This delay leaves organisations somewhat in the dark as to what they will need to comply with and by when.

The most effective Third-Party Cyber Risk Management programs prioritize risk remediation as highly as risk identification. While Security Ratings Service (SRS) have long focused on risk identification, the burden of curation and remediation has traditionally fallen on the customer. Let's look at how best-in-class security programs achieve measurable cyber risk reduction through effective guided remediation.