Do we have a Mis-Dis Information Prevention and Protection Solution?

Elias1010 

We often advise our clients that it starts with Organisational Readiness + Employee Engagement is the first thing that needs to be done. Items such as End-user comms, Leadership talks, IT Security refresher trainings are your first barrier in protecting data.

Then we focus on the tech:

1. First, look into using Microsoft Defender for Office 365 because this is what you can use to simulate a phishing attack: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulation-training-simulations?view=o365-worldwide. This tool is great to test if your end-user awareness campaigns are successful.
2. Second, look at your Information Classification and Data Loss Prevention policies. If you have sensitive data that you think could be affected by a Mis-Dis information then ensure that you have a policy that cover those data.
3. Third, look at Purview Insider Risk Management, this solution can help you analyse, assess and take actions on activities based on risks that you define. Example: The new Mis-Dis information tells people to start downloading and printing all data from HR. With Insider Risk, you can identify these actions once it breaches your defined threshold: https://learn.microsoft.com/en-us/purview/insider-risk-management
4. Fourth, Purview Communication Compliance, can help you identify risky conversations in Teams, Email and Yammer. Mis-Dis Information messages are designed to use sensational keywords to trigger emotions. IF you put a policy for items such for words like "shocking," "incredible," "you won't believe," or "experts are stunned" then you'll be able to catch them before it spreads.