Cybersecurity questions for today
|
|
- Shannon Roberts
- 6 years ago
- Views:
Transcription
1
2 Cybersecurity questions for today
3
4
5
6 Microsoft and Cybersecurity?
7 In the news
8
9 OUR SECURITY POSTURE PROTECT - DETECT - RESPOND PROTECT Today s cloud-first, mobile-first world demands the highest level of identity and data security in order to keep your business protected OUR SECURITY POSTURE DETECT Don t wait 200 days to discover you ve been breached. Invest in the tools and services that enable you to detect attacks faster RESPOND Establish a holistic, multidimensional approach to response
10 Cyber growing threats demand a coordinated response Protecting our customers, our company, and our world Sharing broadly with the Microsoft Security Response Center (MSRC) and the Microsoft Malware Protection Center (MMPC)
11 Industry leading capabilities Visibility Context Experience Expertise VISIBILITY CONTEXT EXPERIENCE EXPERTISE Malware largest anti-virus and antimalware service Clients Windows Updates, Error Reports Outlook.com, Office 365 Web content Bing, Azure AD Cloud platform Azure IaaS and PaaS, Azure Security Center Trillions of URLs indexed Hundreds of Billions of authentications, monthly s analyzed Billions of daily web pages scans, Windows devices reporting Hundreds of Millions of reputation look ups Millions of daily suspicious files detonations 1M+ Corporate Machines protected by enterprise IT security Multi-platform cloud-first hybrid enterprise Decades of experience as a global enterprise Runs on multi-tenant Azure environment, same as you Development Security established Security Development Lifecycle (SDL) - ISO/IEC Operational Security for Hyper-scale cloud services Combatting Cybercrime in the cloud & partnering with law enforcement to disrupt malware Incident Investigation and recovery for customers
12 Data Machine Learning Human Analysis
13 Microsoft protecting you Industry Partners Antivirus Network INTELLIGENT SECURITY GRAPH CERTs Cyber Defense Operations Center Malware Protection Center Cyber Hunting Teams Security Response Center Digital Crimes Unit PaaS IaaS SaaS Identity Apps and Data Infrastructure Device
14 SECURE MODERN ENTERPRISE Identity Embraces identity as primary security perimeter and protects identity systems, admins, and credentials as top priorities Apps and Data Aligns security investments with business priorities including identifying and securing communications, data, and applications Identity Apps and Data Infrastructure Devices Infrastructure Operates on modern platform and uses cloud intelligence to detect and remediate both vulnerabilities and attacks Devices Secure Platform (secure by design) Accesses assets from trusted devices with hardware security assurances, great user experience, and advanced threat detection
15 Phase 1: Build the Foundation Start the journey by getting in front of current attacks Critical Mitigations Critical attack protections Attack Detection Hunt for hidden persistent adversaries and implement critical attack detection Roadmap and planning Share Microsoft insight on current attacks and strategies, build a tailored roadmap to defend your organization s business value and mission Identity SECURE MODERN ENTERPRISE Apps and Data Infrastructure Phase 2: Secure the Pillars Secure Platform (secure by design) Devices Phase 1: Build Security Foundation Critical Attack Defenses Phase 2: Secure the Pillars Continue building a secure modern enterprise by adopting leading edge technology and architectures: Privileged Access Security - Industrial Grade protections for critical identities and assets Shadow IT visibility Discover, protect, and monitor your critical data in the cloud Device and Datacenter Security - Hardware rooted protections for devices, servers, and credentials Threat Detection - Deep analyst expertise and unique technical and human insights into threats Cloud Security Risk Mitigation - Chart a secure path as a cloud-enabled enterprise
16 24-48 Hours 1. Beachhead (Phishing Attack, etc.) 2. Lateral Movement a. Steal Credentials b. Compromise more hosts & credentials 3. Privilege Escalation a. Get Domain Admin credentials 4. Execute Attacker Mission a. Steal data, destroy systems, etc. b. Persist Presence Tier 0 Domain & Enterprise Admins Tier 1 Server Admins Tier 2 Workstation & Device Admins
17 Organizational Preparation Education Strategy & Integration 1. Restrict Privilege Escalation a. Privileged Access Workstations b. Assess AD Security 2. Restrict Lateral Movement a. Random Local Password 3. Attack Detection a. Attack Detection b. Hunt for Adversaries 4. Organizational Preparation a. Strategic Roadmap b. Technical Education Tier 0 Domain & Enterprise Admins Tier 1 Server Admins Attack Detection Advanced Threat Analytics (ATA) Hunt for Adversaries Restrict Lateral Movement Tier 2 Workstation & Device Admins Restrict Privilege Escalation
18 Phase 1 Build the Foundation Aligned with Securing Privileged Access (SPA) roadmap
19
20 Phase 2 Secure the Pillars Foundation: Critical Attack Defenses
21 To Cloud or Not to Cloud?
22
23
24 What is driving change? Life before cloud Life with cloud Storage, corp data Users On-premises Only sanctioned apps are installed Resources accessed via managed devices/networks IT had layers of defense protecting internal apps IT has a known security perimeter User chooses apps (unsanctioned, shadow IT) User can access resources from anywhere Data is shared by user and cloud apps IT has limited visibility and protection
25 Virtual Machines Cloud Services App Services Windows 10 Mobile ios Android Nokia X Windows Store ios Android HTML5/JS GALLERY DEPLOY YOUR CODE Load Balancer Gallery Load Balancer VIRTUAL MACHINES Windows WEB ROLE INSTANCES Load Balancer Linux APP INSTANCES VIRTUAL NETWORK SQL QUEUE CACHE TYPE X TYPE Y APP TYPES API APP LOGIC APP WEB APP MOBILE APP STORAGE BLOBS / FILES (Virtual Disks) Database STORAGE SOLUTIONS Blobs/Files Tables/NoSQL API MARKETPLACE COMPUTE NETWORKING IDENTITY & ACCESS MEDIA & CDN Virtual Machines Get full control over a server in the cloud and maintain it as your business requires. Cloud Services Managed Virtual Machines with specific web and worker roles that are stateless Batch For running large scale parallel and high performance computing (HPC) applications Scheduler Create jobs that run reliably on simple or complex schedules to invoke any type of service. Remote App Access Windows apps that run within the Service on VM s from any device and any location. Virtual Network Provision and manage VPNs in Azure and securely link to your onpremises IT infrastructure. Express Route Connect on-premises and cloud data centers directly through dedicated, non-internet lines. Traffic Manager Load-balance incoming global traffic across multiple services running in multiple data centers. Active Directory Identity and access management for cloud applications and ability to link to on-premises Server AD. Multi-Factor Authentication Safeguard access to data and apps with additional physical layer of security control. Media Services Range of services that support video on-demand and live streaming workflows. Content Delivery Network (CDN) Cache content for your apps at 100 s of edge locations to improve user experiences. WEB & MOBILE ANALYTICS Web Apps Managed web platform, get started for free and scale as you go using many tools/ languages. Mobile Apps Add backend capabilities to mobile apps, with native client support on most device platforms. API Apps Create and surface your app logic as APIs for other services and apps to consume. Logic Apps Build/execute business processes by linking your own custom API s with an API Gallery/Marketplace API Management Publish and Manage APIs to developers, partners and employees securely and at scale. Notification Hubs Deliver millions of cross platform push notifications from any application backend, anywhere. HDInsight Big Data (based on Apache Hadoop) analytics that integrate easily with Microsoft Office. Machine Learning Mine historical data with compute power to predict future trends or behavior. Stream Analytics Process data streams in real-time to discover and react to trends. Data Factory Ingest data from multiple sources to combine into a cloud based Data Warehouse. Event Hubs Ingest, persist, process millions of events per second from millions of devices. Mobile Engagement Ingest, persist, process millions of events per second from millions of devices. STORAGE & BACKUP DATA DEVELOPER SERVICES Storage Blobs & Files Store binary application data and web content store for dedicated and shared virtual disks for VM s Backup Managed service that handles backup/restore of Windows Server machines/backup agent. Import/Export For massive data transfer ship encrypted disks to move data in/out of blob storage. Site Recovery Coordinate replication and recovery of System Center private clouds StorSimple Automated, policy driven solution to extend on-premises primary storage for backup / DR. SQL Database Managed relational database service with high availability and selectable performance levels. DocumentDB Store/retrieve millions of JSON objects from a highly scalable NoSQL document database. Redis Cache Make applications scale and be more responsive under load by keeping data closer to app logic. Search Managed, scalable search service for your apps, create tunable search results and ranking models. Tables Massive scale for semi-structured key/value type data in this schema-less NoSQL store. Visual Studio Online Store code, plan and track projects, build, deploy and test apps in the cloud collaboratively. Application Insights Analyze app usage, availability and performance to detect issues and solve problems proactively. HYBRID INTEGRATION Storage Queues Biztalk Services Hybrid Connections Service Bus MANAGEMENT Automation Portal Key Vault Operational Insights COMMERCE Store / Marketplace VM Depot Simple message queue for application de-coupling architecture for scale out. Build EDI and Enterprise App Integration (EAI) solutions in the cloud. Connect apps in Azure with onpremises resources without a VPN or dedicated line. Messaging capabilities (pub/sub, queues) and on-premises to cloud connectivity solution. Run durable PowerShell scripts to automate frequent, long running, complex Azure tasks. Web based experience to provision, control and monitor all Azure services. Safeguard and control keys and secrets in cloud scale hardware security modules. Analyze and troubleshoot onpremises IT infrastructure without using instrumented code. Find and manage other services provided by third parties. Find free open source VM images that you can download and run in Azure Virtual Machines.
26 500+ New releases in the last 12 months
27 >90,000 New Azure customer subscriptions/month >1.5Million SQL Databases running on Azure >500Million Users in Azure Active Directory Azure momentum 1.5Trillion Messages per month processed by Azure IoT 777Trillion Storage Transactions per day >40% Revenue from Start-ups and ISVs
28 Microsoft identity security at a glance >1.3 billion auths every day on Azure AD + 13 billion auths from the consumer space (MSA) Identify 30K potentially compromised users per day Every day the Identity ML system processes >10 TB of data Automatically deflect 1.5 million attacks per day in the consumer space
29 Azure Compliance The largest compliance portfolio in the industry
30 Holistic Cyber Defense how to build?
31 Holistic Cyber Defense is multi-dimensional User Device Data Protect by reducing threat of credential theft Protect across levels Hardware, Software, and Applications Protect data no matter where it is located Detect suspicious behavior and unusual activity Detect any deviations from baseline, policies, or behavior Detect any attempts for unauthorized data access Respond by elevating access requirements based on Risk Respond dynamically to any suspicious device or application Respond to any data leak by removing or monitoring access Secure Development Lifecycle On-premises Hybrid Cloud
32 Our Top Conversations on Cybersecurity Security Assessment Suite Top Scenarios Capabilities (MCS, Premier, ACE) Solution Maps (MCS, Premier, ACE) Cloud Planning on moving apps or DC infrastructure services to the cloud, or planning on moving to O365 Partner with Cloud Productivity Mobile Info Protect Need a strategy to mitigate the risk of users bringing unmanaged PCs, phones, tablets Partner with Devices and Mobility Need to protect data from theft, unauthorized disclosure, and accidental distribution Partner with Cloud Productivity Threats Concerned they have been compromised and wants to be able to detect threats Partner with Cyber Platform Sec Concerned with security risks and vulnerabilities and want to make sure we are doing basic hygiene Partner with Cyber
33 But Start with Basics: Software security does not follow the Lada car evolution model We need to follow changing threat landscape
34 Microsoft Security Technologies
35 Modern Desktops Security
36 Why Windows 10? C R E D E N T I A L G U A R D
37 US Department of Defense Windows 10 Migration - Rationale Microsoft Windows 10 is intended as a crossplatform release and will be a ubiquitous operating system for desktops, laptops, and tablets. Microsoft Windows 10 enterprise edition provides security features that are not available in older versions of Windows These new features, when employed, are critical to mitigating advanced network threats. Rapid implementation to Microsoft Windows 10 will improve our cybersecurity posture, lower the cost of IT, and streamline the IT operating environment
38 Windows 10 Plan by US Air Force
39 04/10/ Headquarters International Staf New HQ NATO Secret
40 04/10/
41 Partnering with Nations to achieve Connected Forces and NATO Forces 2020 goals more efficiently NCIA 5 Goals as defined by the 28 Nations (NC3B): 1. NATO Software for Nations Use 2. Multinational development of interoperability standards & advanced technology 3. Implementation of NATO solutions in multinational forces 4. Test and re-use of NATO solutions by Partners (Sweden and Finland) 5. Enabling Joint C4ISR
42 Available Common Funded Solutions In the NCIA Customer Services Catalogue (examples) NATO Information Portal NATO Tasker Tracker Enterprise NATO Common Operational Picture Land C2 Information System
43 Premier Support Services for NATO Organizational Continuity, IT Service Improvement and Security. 24x7 global support coverage. Support Account Management, Workshops, Problem Resolution Support, Support Assistance, Information Services, Security
44 Microsoft products licenses used for New NATO HQ NATO provides as PFE (Purchaser Furnished Infrastructure & Service): Office Professional Plus Enterprise Client Access Licenses (e-cal) for Windows Server, Exchange Server, SharePoint Server, Lync Server, System Centre, Forefront and SQL Server
45 SharePoint based NATO C2
46 NATO Information Portal Requirements
47
48 Cloud Powered Antimalware Protection
49 DESKTOPS ATTACKS HAPPEN FAST AND ARE HARD TO STOP If an attacker sends an to 100 people in your company 23 people will open it 11 people will open the attachment and six will do it in the first hour.
50 HOW DO THESE ATTACKS USUALLY START? How do they get in? How do they get privilege's? 0days Vulnerabilities Weak defenses Social engineering
51 ADDING A POST-BREACH MINDSET TO THE WINDOWS 10 DEFENSE STACK PRE-BREACH POST-BREACH Device Device protection protection Threat Identity resistance protection Information Identity protection Information Threat protection resistance Breach detection Breach detection investigation & investigation & response response Device Health Attestation attestation Device Guard Device Control Security policies SmartScreen Built-in 2FA Account AppLocker lockdown Credential Device Guard Microsoft Passport Windows Defender Windows Hello :) Network/Firewall Device Built-in protection 2FA / Drive encryption Account lockdown Windows Information Credential Guard Protection Microsoft Passport Conditional access Windows Hello ;) Device SmartScreen protection / Drive encryption AppLocker Enterprise Data Device Guard Protection Windows Defender Conditional access Network/Firewall Windows Defender ATP Advanced Threat Protection (ATP)
52 WINDOWS DEFENDER ADVANCED THRE AT PROTECTION D E T E C T, I N V E S T I G A T E A N D R E S P O N D T O T A R G E T E D A T T A C K S Built in to Windows 10, cloud powered Behavior-based, breach detection Rich timeline for investigation Unique threat intelligence knowledge base
53 Windows Defender ATP helps enterprise customers detect and remediate Advanced Attacks and data breaches Client side dynamic endpoint behavioral sensors and loggers, works side by side with any existing endpoint security technology Powered by cloud Machine Learning Analytics over the largest sensor array in the world Enhanced by the community of our Hunters, researchers and threat intelligence Built into
54
55 Threat Intelligence from partnerships Threat Intelligence by Microsoft hunters Always-on endpoint behavioral sensors Forensic collection SecOps console Exploration Alerts Security analytics Behavioral IOAs Dictionary Known adversaries unknown Files and URLs detonation Microsoft Detection Stack Customers' Windows Defender ATP tenant SIEM / central UX SIEM Windows APT Hunters, MCS Cyber
56 DATA AND COMPLIANCE Client threat data collection Telemetry, automatically collected from on-boarded endpoints, serves to proactively identify indications of attack and can be viewed by customer SecOps. Threat insights are shared among WDATP customers Sample Collection WDATP can be configured to collect samples upon identifying IoAs or suspicious activities, which enables deeper analysis to identify potential threats. Sample collection can be performed automatically for fast detection, or manually after SecOps explicit approval Geolocation Enterprise data will have geo-affinity to a single Data Center geo-location. Each enterprise can select their preferred data center location from available Azure data center locations Compliance and Privacy All customer data resides in compliant storage (Windows Azure), isolated from data of other customers, and secured by access control with full auditing and logging capabilities. PII data anonymized prior to aggregation and processing
57 ONE MICROSOF T VISION Windows Defender ATP Integration & exchange of signals Exchange Online ATP (Office365) Windows 10 Advanced Threat Analytics (ATA)
58 Information Protection
59 Mobile security landscape Comprehensive approach to mobile security and discover a foundation for both management and protection: microsoft.com/ems AZURE ACTIVE DIRECTORY IDENTITY PROTECTION MICROSOFT CLOUD APP SECURITY ATA INTUNE AZURE RIGHTS MANAGEMENT & SECURE ISLANDS
60 Information Protection Vision Classification and labeling Encryption Access control Policy enforcement Document tracking Document revocation Files LOB apps Share internally Share externally (B2B) Share externally (B2C) On any device In any part of the world US EU APAC China Germany
61 Information Protection The 5 Step Program Classify Label Protect Monitor Respond
62 Classification on use
63 Leverage Labels Everywhere Top DLP Vendors DLP, ediscovery, Compliance
64 Apply data-bound protection Cloud Drive
65 Use User/ITPro logs/portals Dan opened gov.doc Fred failed to use gov.doc Jane printed gov.doc *
66 Act on Use/Abuse/Overuse
67 Start small, now, and move quickly
68 Automatic Classification
69
70
71 Manual Classification
72
73
74
75
76
77
78
79 Classification Level Recommendation
80
81
82
83
84
85
86 Reclassification Justification
87
88 Do you trust your Admin?
89 1 requires adherence to secure configuration best practices, e.g. TPM-based attestation Step 1 how things look today and now with Shielded VMs in Windows Server 2016 Server administrator Storage administrator Network administrator Backup operator Hyper-V administrator PHYSICAL MACHINES Yes No No No n/a VIRTUAL MACHINES No Yes 1 No Yes No Yes No Yes No Yes
90 Step 2 Decryption keys controlled by external system Cloud/Datacenter Guest VM Guest VM Guest VM Host OS Hypervisor Hyper-V Host 1 Fabric Controller Host OS Guest VM Guest VM Hypervisor Hyper-V Host 2 Host OS Guest VM Guest VM Key Protection Host Guardian Service Hypervisor Hyper-V Host 3
91 Secure Server OS?
92 Our Server Journey Server Roles/Features GUI Shell Windows/ WindowsNT Full Server Minimal Server Interface Windows NT to Windows Server 2003 Server Core Windows Server 2008 and Windows Server 2008 R2 Server Core Windows Server 2012 and Windows Server 2012 R2
93 And one more little thing: Nano Server A new headless, 64-bit only, deployment option for Windows Server Deep refactoring focused on CloudOS infrastructure Born-in-the-cloud applications Server with a Desktop Exp Nano Server Server Core
94 Nano Server - Roles & Features Minimal footprint Server Roles and Optional Features live outside of Nano Server No binaries or metadata in image Standalone packages that install like applications Key Roles & Features Hyper-V, Clustering, Storage Core CLR, PaaS & ASP.NET V.Next, Containers Full driver support & Antimalware System Center and Apps Insight agents to follow
95 Windows Server 2016 offers a new installation option: Nano Server. Nano Server is a remotely administered server operating system optimized for private clouds and datacenters. It is similar to Windows Server in Server Core mode, but significantly smaller, has no local logon capability, and only supports 64-bit applications, tools, and agents. It takes up far less disk space, sets up significantly faster, and requires far fewer updates and restarts than Windows Server. When it does restart, it restarts much faster. The Nano Server installation option is available for Standard and Datacenter editions of Windows Server Nano Server is ideal for a number of scenarios: As a "compute" host for Hyper-V virtual machines, either in clusters or not As a storage host for Scale-Out File Server. As a DNS server As a web server running Internet Information Services (IIS) As a host for applications that are developed using cloud application patterns and run in a container or virtual machine guest operating system
96 From observations to operations
97
98 Alerts and advisories (three-day notification, public vulnerability announcements, out-of-cycle notifications) Internet safety reference material Microsoft Security Response Alliance portal access Digital Crimes Community portal access Cyber Threat Intelligence Program botnet feeds Malicious URL feeds Other emerging detection guidance
99 Big Data Analytics Sharing with Governments Cyber Threat Intelligence Program 70 million IP addresses 500 million pings/day Volume constantly changing
100
101 The Microsoft Cyber Defense Operations Center Protect Microsoft s cloud infrastructure, customerfacing cloud services, products and devices, and internal resources 24 x 7 x 365 Unite personnel, technology, and analytics in a central hub Provide world-class security protection, detection, and response More than 50 Security Experts and Data Scientists Connected to >3500 Security Professionals across Microsoft Tight partnerships with Microsoft Research and the Security Development Lifecycle (SDL) team
102 Protect Detect Respond Protect customers most valuable assets by helping to prevent cyber-attacks, compromise Monitor customer networks to expose attacks, vulnerabilities and persistent threats Investigate and disrupt suspicious events to provide diagnoses and recommended mitigations Active Directory Security Solutions* ADSA (through ACE); Secure and Resilient AD (through CSS) Credential Theft Mitigation (CTM) Solutions Privileged Account Workstation (PAW); Enhanced Security Administrative Environment (ESAE), etc. Cyber Security Architect (CSA) Security Development Lifecycle (SDL) Maturity Assessment Microsoft Security Risk Assessment (MSRA) Advanced Threat Analytics (ATA) Implementation Services (ATA IS) Persistent Adversary Detection Service (PADS) Microsoft Threat Detection Service (MTDS) Incident Response (IR) Recovery Tactical and Strategic (TR/SR)
103 Security Evaluation and Certification
104 FIPS Validation of Windows 10 The following Microsoft Windows 10 product editions are FIPS validated: Windows 10 Enterprise and LTSB Windows 10 Pro Windows 10 US Federal and Canadian governments have FIPS requirements for the use of cryptography to protect sensitive data. These validation certificates are currently for Windows 10 (TH1). Certificates have been updated at the end of June 2016 to include the Windows 10 November 2015 Update (TH2 / 1511), Windows 10 Mobile, Microsoft Surface Hub, and additional Microsoft hardware devices. For reference, the FIPS validation certificates are posted here:
105 New US DoD Policy - Updated Guidance Concerning the Acquisition of Information Assurance (IA) and la-enabled Products In order to achieve more consistent and efficient use of scarce resources, the NIAP has issued Reference (d) and other guidance that limits the circumstances under which products may be evaluated to: Products claiming compliance with a U.S. approved Protection Profile (with an EAL no higher than that specified in the profile), or When a U.S. approved Protection Profile docs not exist and a government agency requests a Common Criteria evaluation, NIAP will consider accepting a product into evaluation at EAL2 only. Validator resource availability and customer need (as specified in the LOI) will serve as the basis for acceptance
106 NATO Information Assurance Products Catalogue - updated
107 Product Bitlocker - Windows 7, Windows Server 2008 (R2) Hyper-V - Windows Server 2008 (R2) Server virtualization Hyper-V - Windows Server 2012 (R2) Server virtualization ListDlls version 2.25 Microsoft Baseline Security Analyzer (MBSA) versions and 2.0 SQL Server 2008 (R2) SQL Server 2012 SQL Server 2014 Strings, version 2.3. Surface Pro 3 with Windows 8.1 Windows 7 Windows 8(.1) Windows Phone 8(.1) Windows Server 2008 (R2) Windows Server 2012 (R2) Main Category Disk/File Encryption Operating System Security Management Operating System Security Management Computer Forensics Operating System Security Management Database Management System Database Management System Database Management System Computer Forensics Operating System Security Management Operating System Security Management Operating System Security Management Operating System Security Management Operating System Security Management Operating System Security Management
108
109 CC certificate for Windows 10 November 2015 Update with Surface Book against the Mobile Device protection profile Global list of CC-evaluated products Certification listing Security target (the claims we make about Windows 10) The report by the independent evaluation lab The validation report that confirms the lab s findings Windows 10/Windows 10 Mobile FIPS evaluation and Common Criteria Certifications (up to date) Certification Date Completed Evaluated for CC Mobile Device Fundamentals Protection Profile 2.0 January 29, 2016 Windows 10 CC General Purpose OS Protection Profile 4.1 April 6, 2016 Windows 10 CC Mobile Device Fundamentals Protection Profile 2.0 May 12, 2016 Windows 10 Mobile, Windows 10 CC Mobile Device Fundamentals Protection Profile 2.0 June 24, 2016 Windows 10 November 2015 Update FIPS Level 1 June 2, 2016 Windows 10
110
111 Example of Windows 10 Secure Configuration Guidance - Poland
112 What next? We can help
113 SUMMARY Cybersecurity standardization simplifies management and operations Exploiting user credentials in the vast majority of attacks Advanced Threat Analytics can help to detect and mitigate them Microsoft investment in Protect, Detect and Response model is now available for GOV/MIL customers responsible for interoperability and national Cyber Defense/Cybersecurity capabilities development Microsoft Services can be used for operational support and development on GOV/MIL cyber capabilities
114 These practices are still important Part of a complete long term security strategy Domain Controller Security Updates Target full deployment within 7 days Remove Users from Local Administrators Manage exceptions down to near-zero Ensure only admin of one workstation Baseline Security Policies Apply standard configurations Manage exceptions down to near-zero Anti-Malware Detect and clean known threats Log Auditing and Analysis Centralize logs to enable investigations and analysis Software Inventory and Deployment Ensure visibility and control of endpoints to enable security operations
115 CYBER SECURITY DEMYSTIFIED AND IN THE MEANTIME simple but important actions 6to improve your security today: Download your free digital copy of the Cyber Security Demystified ebook and share it with your business stakeholders today: Make sure to regularly check and install the latest security updates Don t run software as an Administrator to mitigate risks Use the most up to date versions of all software and use automatic updates where possible Use firewall and antivirus software to spot threats Develop your software securely. Visit: microsoft.com/sdl to find out more Educate yourself and your staff on the latest risks, common cyber crime methods and best practice
116 Additional Cyber Resources news.microsoft.com/press kits/dcu soft blogs.technet.com/security Azure Information Protection Resources Public preview announcement Support for federated identities Azure AD Identity Protection Documentation Demo playbook End user experience Channel 9 Video APIs Security reader role
117
Evolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa
Evolution of Cyber Security Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa Nasser.Kettani@microsoft.com @nkettani MODERN SECURITY THREATS THERE ARE TWO KINDS OF BIG COMPANIES:
More informationSecuring Privileged Access Securing High Value Assets Datacenter Security Information Protection Information Worker and Device Protection
Securing Privileged Access Securing High Value Assets Datacenter Security Information Protection Information Worker and Device Protection Azure Active Directory 3 rd Party IaaS IaaS Rights Management Services
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationArchitecting Microsoft Azure Solutions (proposed exam 535)
Architecting Microsoft Azure Solutions (proposed exam 535) IMPORTANT: Significant changes are in progress for exam 534 and its content. As a result, we are retiring this exam on December 31, 2017, and
More informationCritical Hygiene for Preventing Major Breaches
SESSION ID: CXO-F02 Critical Hygiene for Preventing Major Breaches Jonathan Trull Microsoft Enterprise Cybersecurity Group @jonathantrull Tony Sager Center for Internet Security @CISecurity Mark Simos
More information#techsummitch
www.thomasmaurer.ch #techsummitch Justin Incarnato Justin Incarnato Microsoft Principal PM - Azure Stack Hyper-scale Hybrid Power of Azure in your datacenter Azure Stack Enterprise-proven On-premises
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationPieter Wigleven Windows Technical Specialist
Pieter Wigleven Windows Technical Specialist HOW DO BREACHES OCCUR? Malware and vulnerabilities are not the only thing to worry about 46% of compromised systems had no malware on them 99.9% of exploited
More informationΟ ρόλος της τεχνολογίας στο ταξίδι της συμμόρφωσης με τον Γενικό Κανονισμό. Αντιγόνη Παπανικολάου & Νίκος Αναστόπουλος
Ο ρόλος της τεχνολογίας στο ταξίδι της συμμόρφωσης με τον Γενικό Κανονισμό Αντιγόνη Παπανικολάου & Νίκος Αναστόπουλος Providing clarity and consistency for the protection of personal data The General
More informationBuild an open hybrid cloud and paint it red and blue
Build an open hybrid cloud and paint it red and blue Khaled Elbedri Technical sales lead, Microsoft Ismail Dhaoui EMEA Senior Specialist Solutions Architect, Red Hat Tuesday, May 8, 2018 Agenda RH & MS
More informationCyber Defense Operations Center
Cyber Defense Operations Center Providing world-class security protection, detection, and response Marek Jedrzejewicz Principal Security Engineering Manager Microsoft Corporation 1 Cybersecurity. In the
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationSecuring Your Digital Transformation
Securing Your Digital Transformation Security Consulting Managed Security Leveraging experienced, senior experts to help define and communicate risk and security program strategy using real-world data,
More informationMicrosoft Security Management
Microsoft Security Management MICROSOFT SECURITY MANAGEMENT SECURITY MANAGEMENT CHALLENGES Some large financial services organizations have as many as 40 or more different security vendors inside their
More informationDiscover threats quickly, remediate immediately, and mitigate the impact of malware and breaches
Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches Introduction No matter how hard you work to educate your employees about the constant and evolving threats
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationRSA NetWitness Suite Respond in Minutes, Not Months
RSA NetWitness Suite Respond in Minutes, Not Months Overview One can hardly pick up a newspaper or turn on the news without hearing about the latest security breaches. The Verizon 2015 Data Breach Investigations
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationAZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES. To Secure Azure and Hybrid Cloud Environments
AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES To Secure Azure and Hybrid Cloud Environments Introduction Cloud is at the core of every successful digital transformation initiative. With cloud comes new
More informationKontejneri u Azureu uz pomoć Kubernetesa što i kako? Tomislav Tipurić Partner Technology Strategist Microsoft
Kontejneri u Azureu uz pomoć Kubernetesa što i kako? Tomislav Tipurić Partner Technology Strategist Microsoft Source: Softpedia Credits: James Niccolai A decade ago no one could have seen this coming.
More informationAgenda. Future Sessions: Azure VMs, Backup/DR Strategies, Azure Networking, Storage, How to move
Onur Dogruoz Agenda Provide an introduction to Azure Infrastructure as a Service (IaaS) Walk through the Azure portal Help you understand role-based access control Engage in an overview of the calculator
More informationMapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective
Mapping Your Requirements to the NIST Cybersecurity Framework Industry Perspective 1 Quest has the solutions and services to help your organization identify, protect, detect, respond and recover, better
More informationSIEM Solutions from McAfee
SIEM Solutions from McAfee Monitor. Prioritize. Investigate. Respond. Today s security information and event management (SIEM) solutions need to be able to identify and defend against attacks within an
More informationAzure File Sync. Webinaari
Azure File Sync Webinaari 12.3.2018 Agenda Why use Azure? Moving to the Cloud Azure Storage Backup and Recovery Azure File Sync Demo Q&A What is Azure? A collection of cloud services from Microsoft that
More informationPasiruoškite ateičiai: modernus duomenų centras. Laurynas Dovydaitis Microsoft Azure MVP
Pasiruoškite ateičiai: modernus duomenų centras Laurynas Dovydaitis Microsoft Azure MVP 2016-05-17 Tension drives change The datacenter today Traditional datacenter Tight coupling between infrastructure
More informationAccelerate GDPR compliance with the Microsoft Cloud Agustín Corredera
Accelerate GDPR compliance with the Microsoft Cloud Agustín Corredera This presentation is intended to provide an overview of GDPR and is not a definitive statement of the law. Businesses and users are
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationHosted Azure for your business. Build virtual servers, deploy with flexibility, and reduce your hardware costs with a managed cloud solution.
Hosted Azure for your business Build virtual servers, deploy with flexibility, and reduce your hardware costs with a managed cloud solution. Azure is approximately 50 percent cheaper than other cloud services
More informationManaging Microsoft 365 Identity and Access
Course MS-500T01-A: Managing Microsoft 365 Identity and Access Page 1 of 3 Managing Microsoft 365 Identity and Access Course MS-500T01-A: 1 day; Instructor-Led Introduction Help protect against credential
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationDATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE EXECUTIVE SUMMARY ALIGNING CYBERSECURITY WITH RISK The agility and cost efficiencies
More informationSOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM
SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM OVERVIEW The Verizon 2016 Data Breach Investigations Report highlights that attackers are regularly outpacing the defenders.
More informationDefense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
More informationGo mobile. Stay in control.
Go mobile. Stay in control. Enterprise Mobility + Security Jeff Alexander Sr. Technical Evangelist http://about.me/jeffa36 Mobile-first, cloud-first reality 63% 80% 0.6% Data breaches Shadow IT IT Budget
More informationWITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:
SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationMEETING ISO STANDARDS
WHITE PAPER MEETING ISO 27002 STANDARDS September 2018 SECURITY GUIDELINE COMPLIANCE Organizations have seen a rapid increase in malicious insider threats, sensitive data exfiltration, and other advanced
More informationAKAMAI CLOUD SECURITY SOLUTIONS
AKAMAI CLOUD SECURITY SOLUTIONS Whether you sell to customers over the web, operate data centers around the world or in the cloud, or support employees on the road, you rely on the Internet to keep your
More informationCAN MICROSOFT HELP MEET THE GDPR
CAN MICROSOFT HELP MEET THE GDPR REQUIREMENTS? Danny Uytgeerts Microsoft 365 TSP / P-Seller Privacy Consultant (certified DPO) Member of DPO-Pro (Professional association of Belgian DPOs) danny.uytgeerts@realdolmen.com
More informationCISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1
CISCO BORDERLESS NETWORKS 2009 Cisco Systems, Inc. All rights reserved. 1 Creating New Business Models The Key Change: Putting the Interaction Where the Customer Is Customer Experience/ Innovation Productivity/
More informationBUILDING SECURITY INTO YOUR DATA CENTER MODERNIZATION STRATEGY
SOLUTION OVERVIEW BUILDING SECURITY INTO YOUR DATA CENTER MODERNIZATION STRATEGY Every organization is exploring how technology can help it disrupt current operating models, enabling it to better serve
More informationWindows Server The operating system
Windows Server 2019 The operating system that bridges onpremises and cloud By maximizing technology and infrastructure investments with Windows Server 2019, forward-facing businesses can capture direct
More informationMicrosoft Azure Stack Hybrid Cloud. The Modern System Architecture
Microsoft & itnetx 2017 Microsoft Azure Stack Hybrid Cloud. The Modern System Architecture Uwe Lüthy PTS at Microsoft www.microsoft.com Thomas Maurer Solution Architect at itnetx Microsoft MVP / P-TSP
More informationPrivilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer
Privilege Security & Next-Generation Technology Morey J. Haber Chief Technology Officer mhaber@beyondtrust.com Agenda The Next-Gen Threat Landscape o Infomatics, Breaches & the Attack Chain o Securing
More informationMODERN DESKTOP SECURITY
MODERN DESKTOP SECURITY I M GOING TO BE HONEST. WE RE IN THE FIGHT OF OUR DIGITAL LIVES, AND WE ARE NOT WINNING! M I C H A E L M C C A U L, C H A I R M A N, U S H O M E L A N D S E C U R I T Y C O M M
More informationAzure Webinar. Resilient Solutions March Sander van den Hoven Principal Technical Evangelist Microsoft
Azure Webinar Resilient Solutions March 2017 Sander van den Hoven Principal Technical Evangelist Microsoft DX @svandenhoven 1 What is resilience? Client Client API FrontEnd Client Client Client Loadbalancer
More informationWindows Server Security Guide
Windows Server Security Guide August 2017 Contents Windows Server 2016 Security Guide... 3 Why is Windows Server 2016 security important?... 3 How does Windows Server 2016 help prevent and detect compromise?...
More informationCloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,
More informationCloudSOC and Security.cloud for Microsoft Office 365
Solution Brief CloudSOC and Email Security.cloud for Microsoft Office 365 DID YOU KNOW? Email is the #1 delivery mechanism for malware. 1 Over 40% of compliance related data in Office 365 is overexposed
More informationATTIVO NETWORKS THREATDEFEND INTEGRATION WITH MCAFEE SOLUTIONS
PARTNER BRIEF ATTIVO NETWORKS THREATDEFEND INTEGRATION WITH MCAFEE SOLUTIONS INTRODUCTION Attivo Networks has partnered with McAfee to detect real-time in-network threats and to automate incident response
More information70-532: Developing Microsoft Azure Solutions
70-532: Developing Microsoft Azure Solutions Exam Design Target Audience Candidates of this exam are experienced in designing, programming, implementing, automating, and monitoring Microsoft Azure solutions.
More informationSecurity by Default: Enabling Transformation Through Cyber Resilience
Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,
More informationto protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large
Executive Summary As a County Government servicing about 1.5 million citizens, we have the utmost responsibility to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large
More information70-532: Developing Microsoft Azure Solutions
70-532: Developing Microsoft Azure Solutions Objective Domain Note: This document shows tracked changes that are effective as of January 18, 2018. Create and Manage Azure Resource Manager Virtual Machines
More informationBuilding Resilience in a Digital Enterprise
Building Resilience in a Digital Enterprise Top five steps to help reduce the risk of advanced targeted attacks To be successful in business today, an enterprise must operate securely in the cyberdomain.
More informationRSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief
RSA Solution Brief The RSA Solution for VMware View: Managing Securing the the Lifecycle Virtual of Desktop Encryption Environment Keys with RSA Key Manager RSA Solution Brief 1 According to the Open Security
More informationExam : Implementing Microsoft Azure Infrastructure Solutions
Exam 70-533: Implementing Microsoft Azure Infrastructure Solutions Objective Domain Note: This document shows tracked changes that are effective as of January 18, 2018. Design and Implement Azure App Service
More informationTRUE SECURITY-AS-A-SERVICE
TRUE SECURITY-AS-A-SERVICE To effectively defend against today s cybercriminals, organizations must look at ways to expand their ability to secure and maintain compliance across their evolving IT infrastructure.
More informationAbout vlad.tomsa@microsoft.com Features: Safeguards Against: Hardcoded Locations Hardcoded storage endpoints API versions available on Azure Stack Resource types unsupported on Azure Stack Referenced
More informationManaging and Auditing Organizational Migration to the Cloud TELASA SECURITY
Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting
More informationTHE ACCENTURE CYBER DEFENSE SOLUTION
THE ACCENTURE CYBER DEFENSE SOLUTION A MANAGED SERVICE FOR CYBER DEFENSE FROM ACCENTURE AND SPLUNK. YOUR CURRENT APPROACHES TO CYBER DEFENSE COULD BE PUTTING YOU AT RISK Cyber-attacks are increasingly
More informationGDPR - What does this mean for you? Accelerate GDPR compliance with the Microsoft Services. Konstantin Sviridov Andrey Ivanov.
You Trust IT Путь к безопасности бизнеса GDPR - What does this mean for you? Accelerate GDPR compliance with the Microsoft Services Konstantin Sviridov Andrey Ivanov 06 September 2017 This presentation
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationDeveloping Microsoft Azure Solutions
1 Developing Microsoft Azure Solutions Course Prerequisites A general understanding of ASP.NET and C# concepts Upon Completion of this Course, you will accomplish following: Compare the services available
More informationDeveloping Microsoft Azure Solutions (70-532) Syllabus
Developing Microsoft Azure Solutions (70-532) Syllabus Cloud Computing Introduction What is Cloud Computing Cloud Characteristics Cloud Computing Service Models Deployment Models in Cloud Computing Advantages
More informationCloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops.
George Gerchow, Sumo Logic Chief Information Security Officer Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops. Agenda Sumo Security
More informationthe SWIFT Customer Security
TECH BRIEF Mapping BeyondTrust Solutions to the SWIFT Customer Security Controls Framework Privileged Access Management and Vulnerability Management Table of ContentsTable of Contents... 2 Purpose of This
More informationRiskSense Attack Surface Validation for IoT Systems
RiskSense Attack Surface Validation for IoT Systems 2018 RiskSense, Inc. Surfacing Double Exposure Risks Changing Times and Assessment Focus Our view of security assessments has changed. There is diminishing
More informationSYMANTEC DATA CENTER SECURITY
SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information
More informationSIEM: Five Requirements that Solve the Bigger Business Issues
SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered
More informationIdentity & Access Management
Identity & Access Management THE PROBLEM: HOW DO WE ENABLE PRODUCTIVITY WITHOUT COMPROMISING SECURITY? S E C U R I T Y OR P R O D U C T I V I T Y On-premises THE PROBLEM: HOW DO WE ENABLE PRODUCTIVITY
More informationSecuring Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)
Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF) A Guide to Leveraging Privileged Account Security to Assist with SWIFT CSCF Compliance Table of Contents Executive Summary...
More informationMicrosoft Azure Storage Abstractions Highly durable and scalable Multiple copies of your data Financially backed SLAs Microsoft Azure Storage Automatic Storage Redundancy Windows Azure Storage Defend against
More informationCrash course in Azure Active Directory
Crash course in Azure Active Directory Crash course in Azure Active Directory Competing today requires a focus on digital transformation and empowering everyone to be creative and work together securely.
More informationWindows IoT Security. Jackie Chang Sr. Program Manager
Windows IoT Security Jackie Chang Sr. Program Manager Rest Physical access to a device will not give access to data Data & Control Execution Data owner has full control over data processing Motion Transport
More informationAre we breached? Deloitte's Cyber Threat Hunting
Are we breached? Deloitte's Cyber Threat Hunting Brochure / report title goes here Section title goes here Have we been breached? Are we exposed? How do we proactively detect an attack and minimize the
More informationGovernment IT Modernization and the Adoption of Hybrid Cloud
Government IT Modernization and the Adoption of Hybrid Cloud An IDC InfoBrief, Sponsored by VMware June 2018 Federal and National Governments Are at an Inflection Point Federal and national governments
More informationApp Service Overview. Rand Pagels Azure Technical Specialist - Application Development US Great Lakes Region
App Service Overview Quickly create powerful cloud apps using a fully-managed platform Rand Pagels Azure Technical Specialist - Application Development US Great Lakes Region Security & Management Platform
More informationToday s top THREAT ACTORS pose unique challenges
Today s top THREAT ACTORS pose unique challenges An effective strategy must respond to a broad range of continually evolving attack types CYBERCRIMINALS NATION-STATE HACKTIVISTS INSIDERS FINANCIAL Persistent
More informationDynamic Datacenter Security Solidex, November 2009
Dynamic Datacenter Security Solidex, November 2009 Deep Security: Securing the New Server Cloud Virtualized Physical Servers in the open Servers virtual and in motion Servers under attack 2 11/9/09 2 Dynamic
More informationIT Security Training MS-500: Microsoft 365 Security Administration. Upcoming Dates. Course Description. Course Outline $2,
IT Security Training MS-500: Microsoft 365 Security Administration $2,595.00 4 Days Upcoming Dates Course Description Day 1: Managing Microsoft 365 Identity and Access (MS-500T01-A) Help protect against
More informationAccelerate GDPR compliance with the Microsoft Cloud Ole Tom Seierstad National Security Officer Microsoft Norway
Accelerate GDPR compliance with the Microsoft Cloud Ole Tom Seierstad National Security Officer Microsoft Norway This presentation is intended to provide an overview of GDPR and is not a definitive statement
More information[MS10992]: Integrating On-Premises Core Infrastructure with Microsoft Azure
[MS10992]: Integrating On-Premises Core Infrastructure with Microsoft Azure Length : 3 Days Audience(s) : IT Professionals Level : 300 Technology : Azure Delivery Method : Instructor-led (Classroom) Course
More informationDelivering Integrated Cyber Defense for the Cloud Generation Darren Thomson
Delivering Integrated Cyber Defense for the Generation Darren Thomson Vice President & CTO, EMEA Region Symantec In 2009 there were 2,361,414 new piece of malware created. In 2015 that number was 430,555,582
More informationTransforming Security Part 2: From the Device to the Data Center
SESSION ID: SP01-R11 Transforming Security Part 2: From the Device to the Data Center John Britton Director, EUC Security VMware @RandomDevice The datacenter as a hospital 3 4 5 Digital transformation
More informationDeveloping Microsoft Azure Solutions (70-532) Syllabus
Developing Microsoft Azure Solutions (70-532) Syllabus Cloud Computing Introduction What is Cloud Computing Cloud Characteristics Cloud Computing Service Models Deployment Models in Cloud Computing Advantages
More informationSOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK
RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK KEY BENEFITS AT A GLANCE Ensure your journey to the cloud is secure and convenient, without compromising either. Drive business agility
More informationTraditional Security Solutions Have Reached Their Limit
Traditional Security Solutions Have Reached Their Limit CHALLENGE #1 They are reactive They force you to deal only with symptoms, rather than root causes. CHALLENGE #2 256 DAYS TO IDENTIFY A BREACH TRADITIONAL
More informationEvolution Of Cyber Threats & Defense Approaches
Evolution Of Cyber Threats & Defense Approaches Antony Abraham IT Architect, Information Security, State Farm Kevin McIntyre Tech Lead, Information Security, State Farm Agenda About State Farm Evolution
More informationMicrosoft 365 Business FAQs
Microsoft 365 Business FAQs Last updated April 27 th, 2018 Table of Contents General... 3 What is Microsoft 365 Business?... 3 Who should consider adopting Microsoft 365 Business?... 3 How can I get Microsoft
More informationTHE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM
THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM Modern threats demand analytics-driven security and continuous monitoring Legacy SIEMs are Stuck in the Past Finding a mechanism to collect, store
More informationDeveloping Microsoft Azure Solutions (70-532) Syllabus
Developing Microsoft Azure Solutions (70-532) Syllabus Cloud Computing Introduction What is Cloud Computing Cloud Characteristics Cloud Computing Service Models Deployment Models in Cloud Computing Advantages
More informationForeScout Extended Module for Splunk
Enterprise Strategy Group Getting to the bigger truth. ESG Lab Review ForeScout Extended Module for Splunk Date: May 2017 Author: Tony Palmer, Senior Lab Analyst Abstract This report provides a first look
More informationTransforming IT: From Silos To Services
Transforming IT: From Silos To Services Chuck Hollis Global Marketing CTO EMC Corporation http://chucksblog.emc.com @chuckhollis IT is being transformed. Our world is changing fast New Technologies New
More informationRisk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23
Risk: Security s New Compliance Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23 Agenda Market Dynamics Organizational Challenges Risk: Security s New Compliance
More informationService Provider Consulting
From Microsoft Services 1 Industry Overview More and more businesses are looking to outsource IT, decrease management requirements and ultimately save money. With worldwide public cloud spending expected
More informationSOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2
Requirement Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence
More informationCybersecurity Roadmap: Global Healthcare Security Architecture
SESSION ID: TECH-W02F Cybersecurity Roadmap: Global Healthcare Security Architecture Nick H. Yoo Chief Security Architect Disclosure No affiliation to any vendor products No vendor endorsements Products
More informationPopular SIEM vs aisiem
Popular SIEM vs aisiem You cannot flip a page in any Cybersecurity magazine, or scroll through security blogging sites without a mention of Next Gen SIEM. You can understand why traditional SIEM vendors
More information