Bridgewater goes all in on Microsoft Defender Experts, heralding a new age in managed security services

Bridgewater rose to the top of the financial space through a blend of innovation and proactive security strategy. It takes a global view, focusing on the long term to stay ahead of trends and deliver the best possible results for its hedge fund customers. That’s why the company has embraced a community-minded strategy that helps it focus its considerable energies on financial markets while entrusting Microsoft to augment its cybersecurity team. After all, Bridgewater contributed its extensive security expertise to shape the service, so it knows that it’s effective.

“Only Microsoft offers a coherent architecture that combines end-to-end security solutions with such a high and broad degree of productivity, hardware, and tight interoperability.”

Igor Tsyganskiy, President & Chief Technology Officer, Bridgewater Associates

Download video transcript

It’s the world’s largest hedge fund, managing about $150 billion in assets for institutional investors around the globe. Westport, Connecticut–based Bridgewater Associates identifies with the security concerns that keep cybersecurity professionals at companies of all sizes up at night, from multinational corporations to the local pizzeria. In a world where threats evolve ever faster, companies that might otherwise struggle to find the bandwidth and expertise to hunt for threats in their environments now have access to proactive threat hunting by Microsoft.

Microsoft Defender Experts for Hunting (Hunting Experts) is a managed service that merges Bridgewater’s decades of experience in keeping intellectual property and investment data safe with Microsoft Defender Experts. The result: a managed security service that extends security teams so that they can focus on the most complex and immediate security issues, while the company’s line-of-business teams can do what they do best, knowing that their most precious digital assets are protected.

Shaping asset management across the planet

From its beginning in 1975, Bridgewater has pioneered an original approach to understanding and working with financial markets, translating fundamental understanding of the cause-effect linkages that drive global markets into a fully systemized process. “We systemize our knowledge of markets, preserving it in software systems that apply our insights to create value for our clients and strategic partners,” explains Igor Tsyganskiy, President & Chief Technology Officer at Bridgewater. “The decision to buy or sell a stock today might be informed by a rule that we first wrote down 25 years ago, and have compounded on and improved ever since, using ever-increasing intelligence to reflect our logic and apply it to all of the relevant data.” Given the company’s size and the portfolios it manages for its clients, Bridgewater has far-reaching influence and responsibilities that keep data security perennially top of mind.

As Bridgewater charts a steady course through the financial world by taking the long view, it began its digital transformation more than a decade ago, renovating both the technology and infrastructure that support the company’s intellectual property. Under Tsyganskiy’s leadership, Bridgewater also embarked on a strategic relationship with Microsoft, becoming one of Microsoft’s first customers to employ a Zero Trust framework in designing its cybersecurity environment.

But as Tsyganskiy points out, cybersecurity isn’t a one-and-done proposition. “The world changes every day and learning how the full range of influences work together is a never-ending journey,” he says. “Staying on top of both the increasing pace of change and the constantly evolving technology initiatives is vital to my role as CTO. Forming relationships with technology companies to help them shape their technology offerings in response to the challenges we all face is key.”

Building a “village” in the face of a multifaceted threat landscape

Tsyganskiy summarizes his three priorities: facilitating the productivity of Bridgewater’s researchers and investors, ensuring that all information systems perform optimally, and maintaining tight data security. The challenges he encounters grow constantly. Elaborating on those hurdles, he cites Moore’s Law—the principle that computing costs reduce by half every two years, while computer speed and capability double in that same time frame. The result? As the cost of attacking businesses and individuals reduces every year, the number of attackers increases. “Cybersecurity is highly isometric,” states Tsyganskiy. “That’s why we work with Microsoft to help holistically protect not just our environment, but the environments of our virtual neighbors, too. Only a few technology companies in the world are big enough to equalize the symmetry between that user community and attackers, and Microsoft is one of them, if not the only one.”

Protecting one’s virtual neighbors is key. “We need to bring overall corporate security up to a certain standard,” insists Tsyganskiy. “Someone who gets into the local pizza delivery infrastructure can use that access as a steppingstone to another company, then another. Cybersecurity is a cooperative rather than a competitive area. It takes a village to keep us all safer.”

Harnessing the power of “One Microsoft”

Tsyganskiy appreciates the power and productivity imbued in Microsoft Security solutions by AI and machine learning, but for him, there’s no question about the source of the value that Microsoft solutions provide—especially Azure, Windows, and Microsoft 365. “Microsoft Defender Experts for Hunting is like the tip of an iceberg,” he says. “It’s supported by all of the Microsoft applications, technologies, and cloud services, overlaid with security tools that connect the entire system together and then driven by machine learning and human expertise.”

Jessica Payne, Principal Security Researcher at Microsoft, explains the synergy between human expertise and technology: “We’re able to go across the millions of customers who use our product and make sure that there’s a human eye weighing in on the behaviors that happen and whether or not they’re malicious in the environment,” she says. “We take the deep knowledge of our human experts, and we scale it with AI, machine learning, and tooling.”

Bridgewater is now one of the first clients for the managed threat hunting service it helped develop. As part of this new managed service, Microsoft Defender Experts proactively hunt over Microsoft 365 Defender events on behalf of the customer to detect new, emerging threats. This includes hunting for events across endpoints, email, Office 365, cloud apps, and identity—stitching together attack chains that can span across customers’ on-premises resources to the cloud. Microsoft experts proactively notify customers about active threats and are available to help them through the Experts on Demand feature. Customers also receive detailed threat analyses and reports from Microsoft as part of this service.

Tsyganskiy feels that the blend of human talent and expertise with holistic security solutions can only come from one company. “Only Microsoft offers a coherent architecture that combines end-to-end security solutions with such a high and broad degree of productivity, hardware, and tight interoperability,” he says. “We weren’t able to find an alternative that can similarly support our complex needs.” That cohesiveness arises from years of expertise gathered from a large customer base. “Our threat hunting services include the ability to look not just at endpoint data but also in the cloud where Microsoft has subject matter experts,” says Payne. “Our capabilities go where the attacker goes, and we’re hunting proactively to make sure that we’re going to alert you in the earliest stages possible of an attack.”

Regardless of the complexity of a company’s security needs, the growing threat landscape presents an intensifying conundrum. Although attacks are growing in sophistication and frequency, for many companies, they don’t happen every day. But when they do, deep experience with hunting for unknown attackers is critical to finding a bad actor before they do irreparable harm. When scrambling to react to inbound alerts, most companies don’t have the bandwidth needed to proactively search for threats. “To manage security on its own, a company must sustain a very large and growing team,” explains Tsyganskiy. “It’s like trying to maintain your own police force. Given the low frequency of the most sophisticated attacks, this is an insane misallocation of resources 90 percent of the time.”

Building today for a brighter tomorrow

Bridgewater applies its predictive ethos to the challenge of protecting its digital assets. “The question isn’t what it takes to defend Bridgewater today,” says Tsyganskiy. “The question is what it will take to keep us safe 5 to 10 years from now.”

Live with the solution in late 2021, Bridgewater is confident that today’s efficiencies bring both short-term and long-term benefits. “Microsoft has achieved a real feat by creating a managed hunting service that helps protect our sensitive data,” says Tsyganskiy. “Our success with Microsoft Defender Experts for Hunting is only the beginning. We look forward to the lower costs and higher efficiencies as those services increasingly improve—and that’s better for all of us.”

Find out more about Bridgewater Associates on LinkedIn.

“Microsoft Defender Experts for Hunting is like the tip of an iceberg. It’s supported by all of the Microsoft applications, technologies, and cloud services, overlaid with security tools that connect the entire system together and then driven by machine learning and human expertise.”

Igor Tsyganskiy, President & Chief Technology Officer, Bridgewater Associates