Organizations today are vastly unprepared for the threat of modern cyber-attacks. At the same time, the attackers are becoming more sophisticated and the amount of resources at their disposal is increasing. It has become a lucrative business to hack, disrupt, and steal intellectual property from organizations of all sizes and in all business sectors. While the attackers are becoming more sophisticated, organizations have their IT security positioned for threats from the past century, with poor password management techniques, simple ACL based file permissions, and basic firewall and zone-based containment techniques. This makes it easier for attackers to obtain access to critical intellectual property and makes career-ruining disruptions all the more common. This session focuses on understanding what is currently wrong with IT security practices and how your organization can change processes, techniques, and tools to provide for a significantly higher level of IT security without necessarily having to implement expensive tools or obtrusive processes. • Understand the pitfalls of current IT Security practices, including myths around password change policies, allowing logins without providing multiple factors, and the proliferation of ‘always-on’ admin rights. • Examine how simple changes in IT strategy can greatly improve your overall IT posture, including providing for up to a 99% improvement in the likelihood of a data credential theft. • Determine which easy to deploy tools and features which you may already be licensed for can be used to tighten up IT security within an environment, including solutions such as Microsoft Defender for Identity, Azure Sentinel, Microsoft Cloud App Security, next-generation firewalls, and more.