Blog Post

Healthcare and Life Sciences Blog
3 MIN READ

Microsoft Security Matters - Aug 2020

Jeremy Windmiller's avatar
Sep 03, 2020

General News

Microsoft Security | Fall 2020 Public Webinars edition

Microsoft Security: What cybersecurity skills do I need to become a CISO?

Microsoft Security: How to cultivate a diverse cybersecurity team

Securing MEM at Microsoft

Rethinking IoT/OT Security to Mitigate Cyberthreats

How do I implement a Zero Trust security model for my Microsoft remote workforce?

New data from Microsoft shows how the pandemic is accelerating the digital transformation of cyber-security

Zero Trust: From security option to business imperative overnight

How to organize your security team: The evolution of cybersecurity roles and responsibilities

Afternoon Cyber Tea: Revisiting social engineering: The human threat to cybersecurity

How Microsoft Mission Critical team helped secure AAD

Microsoft joins Open Source Security Foundation

 

Azure Security & Compliance News

Become an Azure Security Center Ninja

Automation to Block Brute-force Attacked IP detected by Azure Security Center

Threat Protection for SQL IaaS VMs running on-premises using Azure Security Center

Threat Protection for SQL IaaS VMs hosted on Azure Arc using Azure Security Center

Built-in vulnerability assessment for VMs in Azure Security Center

Azure Security Center Secure Score Reduction Alert

Best practices for layering on cloud security through Azure Marketplace

Detect attacks using Application Gateway and Web Application Firewall

Remediate Vulnerable Secure Channel Connections with the Insecure Protocols Workbook

What’s New: Query line numbering, Azure Sentinel in the schema pane

MSTIC Notebooklets - Fast Tracking CyberSec Jupyter Notebooks

Monitoring Azure Kubernetes Service (AKS) with Azure Sentinel

Guided Hunting Notebook: Base64-Encoded Linux Commands

Ingesting log files from AWS S3 using AWS Lambda

Azure Sentinel Insecure Protocols Workbook Reimagined

What’s new: SOC operational metrics now available in Azure Sentinel

Whats new: Azure Sentinel and Microsoft Defender ATP improved alert integration

 

Microsoft 365 Security (All Up News)

Microsoft Office 365—Do you have a false sense of cloud security?

Security baseline for Microsoft Edge version 85

Security baseline (FINAL): Windows 10 and Windows Server, version 2004

Application Guard for M365 Apps public preview

Security best practices for Windows Server Update Services (WSUS)

Managing BitLocker with Microsoft Endpoint Manager

 

M365 Identity & Data Protection (Azure AD, Intune, AIP, MCAS)

Conditional Access policies now apply to all client applications by default

Microsoft Authenticator app lock now enabled by default

Risky Business in Azure AD…

Automated user provisioning from SAP SuccessFactors is now GA

ALERT! New Blog Series: Automation in Cloud App Security

New study by Forrester shows customers who deploy Azure AD can benefit from a 123% ROI

Assigning groups to Azure AD roles is now in public preview!

Using Azure PIM for the AIP Super User feature management

Let's Talk About Azure Active Directory and the Microsoft Identity Platform

Gartner announces the 2020 Magic Quadrant for Unified Endpoint Management

 

M365 Threat Protection (Office ATP, Windows Defender ATP, Azure ATP/ATA)

Microsoft Defender ATP Ninja Training: August 2020 update

Webinar: How to maximize Microsoft Defender ATP configuration using attack simulations

On-demand webcast series: “Tracking the adversary”

Pull in more intelligence and act fast while you hunt

Microsoft Defender ATP Daily Operation - Part 1

Microsoft Threat Protection now uses more descriptive incident names

Introducing an improved timeline investigation with event flagging

Introducing EDR in block mode: Stopping attacks in their tracks

Microsoft Defender ATP: Web Content Filtering

A new look for threat analytics

Microsoft Defender ATP for Mac is moving to system extensions

Stopping Active Directory attacks and other post-exploitation behavior with AMSI and machine learning

How can Microsoft Threat Protection help reduce the risk from phishing?

Microsoft Defender ATP: Remediate Apps Using MEM

Linux ATP Configuration and Operation Command List

Microsoft Advanced Threat Protection for Linux

 

M365 Compliance & Governance

FAQ for Teams compliance

New features and improvements to Sensitivity labels for Containers Webinar

Classification Depth Private Preview

 

Regards,

 

Jeremy Windmiller | Enterprise Security Architect, CISSP, CEH, ITIL | Microsoft – Healthcare

Updated Sep 03, 2020
Version 1.0
  • tangledscott's avatar
    tangledscott
    Brass Contributor

    I think Abbas Kudrati 's article on what one needs these days to make a successful run at CISO is excellent and I couldn't agree more. All too often, I've seen highly gifted security experts promoted into these roles only to fail miserably because they either lacked more comprehensive business knowledge and skills or because they simply couldn't learn them. Being a successful CSO/CISO is no longer about being a world class cybersecurity SME (sadly). As is the case with many upper level executive positions, it's increasingly crucial to not only have some "big picture" knowledge and ability, but to become as well versed in such as possible as the need to work and collaborate with people and departments one once didn't need to even think about seems to have gone the way of the dinosaur in many places, and in many companies one has to be able to see the big picture and design their various strategies with a larger and in a more cohesive manner than one once did. I recall reading an article in Forbes magazine quite awhile ago that quoted some high level CEOs as mentioning some interesting things and one really stood out to me. (In fact, since then I've acquired and read some books on this very topic.) Where long ago, "Renaissance men [gender inclusive]" were deemed valuable, over the past several decades, the trend has been to specialize to the point of one becoming an expert in one or perhaps two areas, but at the exclusion of nearly everything else. Meanwhile, those once highly regarded as Renaissance types were given the title of "generalist" and no longer so highly regarded. Yet it seems the trend is reversing and now, while SMEs in many areas are still valued and needed, many things have contributed to a greater interest and potential need for the Generalists once discarded. In fact, this Forbes article quoted some prominent leaders as saying they value Liberal Arts degrees, especially English, over something like Accounting, Mechanical Engineering, Communications Engineering (Networking/Electrical), etc., because in their opinion, many such grads have skills many others lack, such as critical thinking skills, abilities to adapt to a variety of roles and fields, as opposed to others trained in one and only one area. I find it almost ironic, because I chose to study and get degrees in a wide variety of areas ranging from English to Law to Computer Science to Electrical Engineering to Creative Writing to Software Development, etc. For awhile, I was both in high demand yet often feeling as though many SMEs looked down on me. However, now after many decades of work, as I look back, I realize many former colleagues have been successful and done much, but I have as well, but in a variety of fields and roles that many others have not had such opportunities. Thus, while working in many IT and Engineering divisions, I also worked in journalism, advertising, project and program management, security, academia, publishing, healthcare, physics, policy, as a senior executive, consulting and more, and I've had an interesting life and career as a result. So finally circling back to Kudrati 's post, if I hadn't learned -- sometimes by being thrown into the deep end -- to become knowledgeable and successful in other realms and roles than simply IT/Engineering, such as marketing, advertising, negotiating, going to bidder's conferences, etc., I doubt I would have ended up having the career I did, so I hope those who have not taken Kudrati's advice definitely consider the wisdom imparted in this blog post because it could prove to be invaluable to many.