cybersecurity
66 Topics

Understanding Compliance Between Commercial, Government, DoD & Secret Offerings - May 2026 Update
Understanding compliance between Commercial, Government, DoD & Secret Offerings: There remains much confusion as to what service supports what standards best. If you have CMMC, DFARS, ITAR, FedRAMP, CJIS, IRS and other regulatory requirements and you are trying to understand what service is the best fit for your organization then you should read this article.
74K Views, 5 likes, 7 Comments

Secure Azure services and workloads with Microsoft Defender
Ready to secure your cloud workloads like a pro? Join us for an upcoming session on Secure Azure Services and Workloads with Microsoft Defender, where we'll go beyond the basics and dive deep into real-world cloud security.

In this session, you'll learn how to:
• Enable and configure Microsoft Defender for Cloud across Azure, AWS & GCP
• Strengthen your security posture using Secure Score & Attack Path Analysis
• Protect workloads across Servers, Storage, and Containers
• Leverage agentless scanning, vulnerability management & JIT VM access
• Integrate security into DevOps with GitHub & Azure DevOps
• Investigate threats and automate response
• Improve compliance using built-in regulatory dashboards

Whether you're working in multi-cloud, hybrid, or Azure-native environments, this session will give you practical insights to reduce risk and improve visibility across your estate.

Don't miss it, level up your cloud security game!

Register and join live: StreamYard Session
Date: 11 May 2026
Time: 19:00 (AEST) / 11:00 (CEST)
Speaker: Arnav Sharma
Topic: Secure Azure services and workloads with Microsoft Defender
238 Views, 0 likes, 0 Comments

From Fragmentation to Resilience: Why Next Gen "Whole of State" Is Future of Pub Sec Cybersecurity
Each year at the Billington State and Local Cybersecurity Summit, one message comes through clearly: the cyber threat landscape facing state and local governments is accelerating faster than traditional models of defense can keep up. Cyber risk is no longer confined to a single agency, system, or jurisdiction. It spans emergency management, education, healthcare, critical infrastructure, and the workforce itself.

At the same time, public sector leaders are being asked to modernize services, adopt AI responsibly, and do more with constrained resources. These pressures are not isolated - and neither can the response be.

That is why Microsoft is focused on a Next Gen Whole of State approach: a state-wide, coordinated model that brings together cyber defense, risk management, and workforce development into a unified strategy - designed for scale, resilience, and trust.

Why "Whole of State" Matters Now

Many states have invested significantly in cybersecurity over the past decade. Yet most efforts remain fragmented - with agencies operating independently, duplicating tools, and competing for scarce talent. Internal Microsoft analysis and field experience show that this model creates three persistent challenges:
• Limited visibility across agencies and jurisdictions
• Inconsistent security posture and response capability
• Ongoing workforce shortages that slow modernization efforts

A Next Gen Whole of State program is designed to address these challenges holistically. It is a state-wide shared services model that improves efficiency, strengthens critical infrastructure defense, and accelerates AI and cyber talent development - while respecting the autonomy of individual agencies. This is not about centralizing control. It is about coordinating outcomes.

Cybersecurity as Critical Infrastructure

At Billington, state and local leaders consistently emphasize that cybersecurity must be treated as critical infrastructure protection, not simply an IT function.
Next Gen Whole of State reflects that reality by enabling:
• Shared cyber services across agencies and local governments
• Proactive identification of vulnerabilities and "slow-burn" risks
• Streamlined collaboration during incident response and emergencies

By aligning technology platforms, processes, and partners, states can move toward a more collective defense posture - reducing duplication while improving resilience across the entire ecosystem. This approach supports more consistent policy enforcement, better situational awareness, and more efficient use of limited funding - priorities that resonate strongly across the state and local community.

Workforce Development Is a Security Imperative

Another theme that consistently surfaces at Billington is the workforce challenge. Technology alone does not secure a state. People do.

Next Gen Whole of State explicitly integrates workforce and economic development into the security strategy. Through hands-on skilling, apprenticeships, and industry-recognized certifications, states can help build sustainable pipelines of AI and cyber talent using real-world platforms and tools. This model supports:
• Career-ready training aligned to actual state and local needs
• Opportunities for students, veterans, and career changers
• Long-term reduction in dependency on external resources

By investing locally, states strengthen both their security posture and their communities - an outcome public sector leaders increasingly view as inseparable.
Microsoft's Role: Thought Leadership at Scale

Microsoft's contribution to Next Gen Whole of State is grounded in three principles reflected across our public sector work:
• Unified platforms that span identity, security, compliance, and AI
• Cross-sector collaboration, connecting government, education, and partners
• Responsible innovation, aligned with Zero Trust and secure-by-design practices

This enables states to move beyond isolated pilots toward enduring, state-wide programs - while positioning themselves to adapt as threats and technologies evolve. Importantly, Whole of State also creates a framework for consistent executive engagement, allowing leaders to align strategy, funding, and outcomes around a shared vision.

Looking Ahead

The conversations happening at Billington reflect a broader shift underway across the public sector. States that lead in the next decade will be those that:
• Treat cybersecurity as a shared responsibility
• Align technology, policy, and workforce strategy
• Build trust through resilience, transparency, and scale

Next Gen Whole of State is not a single product or program. It is a strategic approach to how states protect critical infrastructure, modernize services, and prepare their workforce for an AI-driven future. And it is increasingly clear that this approach is no longer optional - it is foundational.

Join the Conversation

Microsoft continues to work with state and local leaders, educators, and partners to advance Next Gen Whole of State initiatives across the country. To learn more or engage with the Microsoft Security community, visit the Microsoft Tech Community and continue the conversation.
158 Views, 1 like, 0 Comments

Serious problems in Ring0 kernel-mode modules and security in current versions of Windows
We all know that in the x86 architecture, CPUs have four different levels: Ring0 (kernel-level), Ring1, Ring2 and Ring3 (user-level). Users, even administrators, can only access Ring3, and Microsoft designed the operating system this way to make the system safer and more stable. On the other hand, Microsoft uses signing and security options like "Memory Integrity" in "Core Isolation" in Windows Defender. Normal applications need to use kernel-mode modules (.sys) to gain access to the kernel, and if these modules need to be loaded by the system, they should be signed or they will be blocked by Windows Defender or other antivirus software.

But now I have found a really serious problem in Microsoft's signing activities. BEDaisy.sys is the kernel-mode driver of BattlEye, an anti-cheat software, and it is signed by Microsoft. BattlEye's EULA said that "BattlEye can prevent the cheaters from gaming on the servers which are protected by BattlEye.", and to make it happen, BattlEye needs to create a service and install kernel-mode components. (Please remember that the User Account Control window won't pop up if a service or trusted installer tries to install a kernel-mode driver.) This EULA is really confusing because it makes the users think "BattlEye does this to protect me from being attacked by other cheaters." and then accept the EULA and install BattlEye. However, after BattlEye is installed, it can't even block a simple attack from the other cheaters. The other cheaters can even force crash your game. On the contrary, BattlEye tries to block modules from any other applications that it thinks are suspicious from loading. It can even block the modules of the anti-cheat software, which reduces the protections of the system or even puts the system at risk.

There is another case. A user found his computer attacked by malware. He was really confused because he had installed anti-virus software on his system.
After looking into his system carefully, he found out that his anti-virus software was down and had been killed by mhyprot2.sys, another kernel-mode module of an anti-cheat software. And mhyprot2.sys is also signed by Microsoft.

https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html

The kernel-mode drivers from both of the cases are signed by Microsoft, and as they run in Ring0 kernel-level, the users can do nothing to stop them. And as they are signed, most of the anti-cheat software will be less sensitive to them and will let them run much more easily. Besides, Windows is designed for everyone, not just for game players. Not all users would like to sacrifice the security of the system just to play games. On the other hand, unlike the cyber security companies, the game companies usually care more about the game itself than the entire system. And they are not responsible for any damage caused by the anti-cheat software.

The thing that I am most angry about is that Microsoft actually signed these kinds of kernel-mode modules, which means Microsoft allows these kinds of dangerous things to happen. In my opinion, it is the player's duty to obey the EULA of the games, but it is the game company's duty to do their anti-cheat jobs, and if you want to use the player's device to help you with anti-cheat and even want to have Ring0 access, you need to warn the users and notify them. In BattlEye's case, three windows pop up on the screen when you try to install it, but all of them said that BattlEye will minimize its authority and none of them said it needs to gain the authority to shut down other software or block their activities. And in total, it is the users who paid for the device and the operating system which they are using, not the game companies. Taking full control of the device without notifying the user is illegal.
In the end, I really hope that Microsoft can raise the standard for signing a kernel-mode module. These kinds of issues can happen not only in anti-cheat software, but also in any other software; it is only that the problem occurred this time in anti-cheat software. To tell you the truth, I think Microsoft can only sign the Ring0 kernel-level drivers of the hardware drivers and the anti-virus software. The other applications can only run in Ring3 user-mode like Android. I know it could be hard to make it happen, so you can add a whitelist function for the users who don't care too much about security or even let them turn off the security options. You can kill the malware by mistake because if that happens, the user can restore them and whitelist them. But you can't miss a malware, because if that happens, the responsibility is usually the one that you can't take. And if the software in the whitelist damages the system, then it is not Microsoft's responsibility. And for the game players, you can also add an isolated gaming environment like Hyper-V, but especially for games, in which other software can't run, to prevent cheating. Thank you.
362 Views, 0 likes, 0 Comments

A CISO's Guide to Securing AI - Securing AI for Federal, DIB, and DoW Entities
Artificial Intelligence (AI) is rapidly reshaping federal missions, defense operations, and critical infrastructure. From intelligence analysis to logistics and cyber defense, AI's transformative power is undeniable. Yet, with great power comes great responsibility and risk.
1.1K Views, 0 likes, 0 Comments