SlideShare a Scribd company logo
IT-Sicherheit neu denken –
Paradigmenwechsel auf
Basis von Zero Trust
05. November
Thomas Treml
Microsoft Deutschland GmbH
Zero Trust 20211105
Zero Trust 20211105
BSI - IT-Sicherheit im Home-Office (bund.de)
IT-Sicherheit im Home-Office im Jahr 2020
Microsoft
Digital Defense Report
Aka.ms/mddr
OCTOBER 2021
Zero Trust 20211105
Zero Trust 20211105
Alte Welt vs.
Mitarbeiter, Partner & Kunden
Bring your own devices
Täglich neue Cloud-Apps
Perimeter verliert an Relevanz
Explosion der Signale
Eine neue Realität braucht neue Prinzipien
Explizit überprüfen
Identitäten sind das neue, zentrale Perimeter
Cloud
SaaS-Apps
On-Premises Apps
MFA durchsetzen
Zugriff
blockieren/zulassen
Legacy-Authentisierung
blockieren
Passwort
zurücksetzen
Zugriff
limitieren
Kontrollen
Mitarbeiter & Partner
Benutzer & Rollen
Bekannte &
konforme Geräte
Physikalische &
virtuelle Lokation
Client-Apps &
Authentifizierungs-
Methoden
Konditionen
Microsoft Cloud
In einer optimalen Zero-Trust-Implementierung sind Ihre digitalen Assets verbunden und in der Lage, das
Signal zu liefern, das erforderlich ist, um fundierte Zugriffsentscheidungen mithilfe automatisierter
Richtliniendurchsetzung zu treffen.
In drei Schritten zu Zero Trust
1. Automatisierte Identitäts- &
Zugriffsverwaltung
2. Zentrales Unified Endpoint
Management
3. Privilegierte
Benutzerrechtevergabe &
Applikationsmanagement
Zero Trust Reifegradmodell
Das Zero Trust-
Reifegradmodell
Mit diesen Grundprinzipien,
einer Übersicht des End-to-End-
Frameworks und einem
skalierbaren Reifegradmodell
verfügen Sie über das nötige
Wissen, um den Zero Trust-
Fortschritt im Unternehmen zu
bewerten, Stakeholder zu
informieren und die nächsten
Schritte zu priorisieren.
Leitfaden herunterladen
Bewertung mit dem Zero Trust-Reifegradmodell
Bewertung durchführen
Referenzarchitektur für Cybersicherheit
Referenzarchitektur für Microsoft-Cybersicherheit - Security documentation | Microsoft Docs
Microsoft Intelligent Security Association
• Collaboration
strengthens protection
• Teaming up with our security partners to
build an ecosystem of intelligent security
solutions that better defend against a
world of increased threats
Diskussion
Thomas Treml
Microsoft Deutschland GmbH
Thomas.Treml@microsoft.com
Anhang
Identity Data
Networking
Devices Apps Infrastructure
Logical Components of a Zero Trust Architecture
Evolving Zero Trust—Lessons learned and emerging trends - Microsoft Security Blog
Was bedeutet Zero Trust?
Workloads
Endgeräte
Personen Intelligenz Daten
Guiding Principles and Standards
• Principles are high-level statements of the values that guide IT and the
Business, e.g. “Information is an asset”. They are universally agreed
truths. They guide and shape the lower-level artefacts; standards and
policies.
• Principles change very little – if at all – over time.
• The objectives should change very little over time, as they are
foundations of Zero Trust and an organization’s Cybersecurity
strategy.
• Strategies are long-term missions that do not frequently change.
Therefore, the Principles are best tied to strategic objectives.
• Standards define the specification to which we do something, e.g. “Data-
at-rest must be encrypted using AES 128 bit or better”.
• Standards change, they improve and become obsolete.
• They are closer to technology.
• Design decisions are shaped by standards and principles and will
prescribe a product and configuration. e.g. “Disks shall be encrypted
using Microsoft BitLocker”.
• Principles are not tangible, so appropriate standards and policies must be
defined and enforced in order to implement the Principles.
© Microsoft 2021
Summary EO response for Federal Agencies
Executive order
On May 12, 2021, President Biden signed the Executive Order (EO) to improve the nation’s cybersecurity and protect federal government networks in
response to recent incidents from sophisticated malicious activity from nation-state and cyber criminals.
For agencies there are numerous requirements, including some with short-term action items included in the EO. The purpose of this presentation is to help
government agencies take thoughtful action aligned to one of these requirements: Plan for Zero Trust Implementation
Capabilities
There are six key capabilities expected to
be developed through the EO:
1. Secure Cloud Adoption Plan
2. Zero Trust Plan
3. Multifactor Authentication
Implementation
4. Endpoint Detection & Response
5. Data Identification
6. Secure Software Adoption
Zero Trust Plan
EO Requirement: Section 3 – “The heads of
agencies update plans for federal network
infrastructure (including adoption of cloud
technology and implementation of Zero Trust
Architecture) and report plans to OMB/NSC.”
Timeline: 07/11/2021
Microsoft reference architecture: Zero Trust
Architecture
Actions
Next steps include:
1. Review compliance requirements for
section 3
2. Review how Microsoft can support
3. Develop and implement plans to build
agency response
Resources:
Summary: FACT SHEET: President Signs Executive Order Charting New Course to Improve the Nation’s Cybersecurity and Protect Federal Government Networks | The White House
Executive Order: Executive Order on Improving the Nation's Cybersecurity | The White House
23
Defender for
Office 365
Defender for
Endpoint
Defender for
Identity
Defend across attack chains
Phishing
mail
Open
attachment
Click a URL
Browse
a website
Exploitation
and Installation
Command
and Control
Azure AD
Identity Protection
Brute force account or use
stolen account credentials
User account is
compromised
Attacker collects
reconnaissance &
configuration data
Attacker attempts
lateral movement
Privileged account
compromised
Domain
compromised
Microsoft Cloud
App Security
Attacker accesses
sensitive data
Exfiltration
of data
Leading
indicators
History of violations
Distracted and careless
Disgruntled or disenchanted
Subject to stressors
Insider risk
management
Insider has access
to sensitive data
Anomalous
activity detected
Data
leakage
Potential
sabotage
Azure Defender
https://aka.ms/MCRA
Provide actionable security
alerts, raw logs, or both
Microsoft Reference Architecture
Securing Privileged Access
Office 365 Security
Rapid Cyberattacks
(Wannacrypt/Petya)
https://aka.ms/MCRA Video Recording Strategies
SQL Encryption &
Data Masking
Office 365
Dynamics 365
+Monito
r
Data Loss
Protection
Data Governance
eDiscovery
Cybersecurity Reference Architecture
https://aka.ms/MCRA Video Recording Strategies
Security Operations
Provide actionable security
alerts, raw logs, or both
https://aka.ms/MCRA
Security Operations
Provide actionable security
alerts, raw logs, or both
https://aka.ms/MCRA
©Microsoft Corporation Azure
Operational Technology (OT) Security Reference Architecture
Apply zero trust principles to securing OT and industrial IoT environments
S A F E T Y S Y S T E M S
Purdue Model
Level 1 – Basic Control
Electronics controlling or monitoring
physical systems
Level 0 – Process
Physical machinery
Level 2 – Supervisory Control
Monitoring & Control for discrete
business functions (e.g. production line)
Level 3 – Site Operations
Control & monitoring for physical site
with multiple functions (e.g. plant)
Security Analytics
Transform with Zero Trust Principles
Purdue model assumed static site/enterprise model
• Datacenter Segments – Align network/identity/other
controls to business workloads and business risk
• End user access - Dynamically grant access based on explicit
validation of current user and device risk level
Business Analytics
Confidentiality/Integrity/Availability
• Hardware Age: 5-10 years
• Warranty length 3-5 years
• Protocols: Native IP, HTTP(S), Others
• Security Hygiene: Multi-factor authentication (MFA), patching, threat monitoring, antimalware
Safety/Integrity/Availability
• Hardware Age: 50-100 years (mechanical + electronic overlay)
• Warranty length: up to 30-50 years
• Protocols: Industry Specific (often bridged to IP networks)
• Security Hygiene: Isolation, threat monitoring, managing vendor
access risk, (patching rarely)
Operational Technology
(OT) Environments
Information Technology
(IT) Environments
IIoT / OT Digital Transformation drivers
• Business Efficiency - Data to enable business agility
• Governance & Regulatory Compliance with safety and other
standards
• Emerging Security Standards like CMMC
Azure Analytics
IoT Hub, PowerBI, Azure Edge,
Digital Twins, and more
Blended cybersecurity attacks are
driving convergence of IT, OT, and IoT
security architectures and capabilities
Plant security console
(optional)
Sensor(s) + Analytics
TLS with mutual
authentication
N E T W O R K
T A P / S P A N
https://aka.ms/MCRA
Azure Defender for IoT
 Manager
 Security Console
3rd party
Analytics
Cloud
Environments
Business Analytics
Business Analytic Sensor(s)
Cloud Connection (OPTIONAL)
• Native plug-in for Azure Defender for IoT
• Native OT investigation & remediation playbooks
• Correlation with other data sources and
Strategic Threat intelligence (attack groups & context)
Zero Trust Principles - Assume breach, verify explicitly, Use least privilege access (identity and network)
Hard Boundary
Physically disconnect
from IT network(s)
Soft(ware) Boundary
People, Process, and Tech (network
+ identity access control, boundary
patching and security hygiene)
Internal
isolation
As business
processes allow
Isolation and Segmentation
3rd party
Analytics Azure Sentinel
3rd party SIEM
Situation: Solution: Impact:
“We chose the best of suite approach with the Microsoft 365 E5 solution, and now we have
an overview of our environment that helps us to react in real time and defend against attacks
proactively.”
When Siemens began to
transition to the cloud, it
emphasized real-time, proactive
security in order to apply a Zero
Trust approach. It needed a tightly
coordinated set of security
solutions to protect identities,
data, and endpoints.
.- Thomas Mueller-Lynch, Service Owner Lead for Digital Identity, Siemens
Already committed to the
productivity-enhancing apps in
Microsoft 365, it now makes full
use of the rich security built into
the solution, including Azure
Active Directory, Microsoft
Defender for Identity, Microsoft
Endpoint Manager, Microsoft
Defender for Endpoint, and
more.
Siemens is realizing the advantages
of an encompassing security system
that is worth more than the sum of
its parts: a tightly coordinated set of
solutions that helps protect
company data and about 300,000
devices easily, efficiently—and
proactively.
Customer:
Siemens
Industry:
Manufacturing
Size:
Large (10,000+ employees)
Country:
Germany
Products and services:
Microsoft Azure Active Directory
Microsoft Cloud App Security
Microsoft Defender for Endpoint
Microsoft Defender for Identity
Microsoft Endpoint Manager
Microsoft Information Protection P2
Customer Lockbox for Azure
Read full story here
Authentifizierung neu gedacht: Zero Trust verstehen und
umsetzen - computerwoche.de
This track exposes participants to all the key azure services at the disposal of the organization and all the cybersecurity concepts necessary to
ensure the confidentiality, integrity and availability of all these resources and information systems. There Will be deep dive, hands-on
sessions on key areas such as Azure Security Center, Azure Sentinel, Azure Monitor, IAM, Data and Application Security.
This track will help participants acquire the skills required to secure both M365 (E3 & E5) deployments and comply with industry & territorial
data protections. Key Security concepts such as Threat Management & Protection, IAM, Application & Mobility Security, GDPR, Compliance,
Risk and Security Governance will be taught.

More Related Content

What's hot

Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
David J Rosenthal
 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security Overview
Robert Crane
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza Adineh
ReZa AdineH
 
PwC Point of View on Cybersecurity Management
PwC Point of View on Cybersecurity ManagementPwC Point of View on Cybersecurity Management
PwC Point of View on Cybersecurity Management
CA Technologies
 
introduction to Azure Sentinel
introduction to Azure Sentinelintroduction to Azure Sentinel
introduction to Azure Sentinel
Robert Crane
 
Cyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsCyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feeds
Iain Dickson
 
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1
Mohammed A. Imran
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architecture
Birendra Negi ☁️
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
Priyanka Aash
 
ATT&CK Updates- ATT&CK for ICS
ATT&CK Updates- ATT&CK for ICSATT&CK Updates- ATT&CK for ICS
ATT&CK Updates- ATT&CK for ICS
MITRE ATT&CK
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
Allen Brokken
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
Michael Torres
 
Sailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overviewSailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overview
ITJobZone.biz
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern
 
DevSecOps
DevSecOpsDevSecOps
DevSecOps
Spv Reddy
 
Programme de cybersécurité : Implementer le framework NIST CSF en entreprise
Programme de cybersécurité : Implementer le framework NIST CSF en entrepriseProgramme de cybersécurité : Implementer le framework NIST CSF en entreprise
Programme de cybersécurité : Implementer le framework NIST CSF en entreprise
EyesOpen Association
 
Azure role based access control (rbac)
Azure role based access control (rbac)Azure role based access control (rbac)
Azure role based access control (rbac)
Srikanth Kappagantula
 
OT Security Architecture & Resilience: Designing for Security Success
OT Security Architecture & Resilience:  Designing for Security SuccessOT Security Architecture & Resilience:  Designing for Security Success
OT Security Architecture & Resilience: Designing for Security Success
accenture
 
Demystifying DevSecOps
Demystifying DevSecOpsDemystifying DevSecOps
Demystifying DevSecOps
Archana Joshi
 
SEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxSEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptx
AmrMousa51
 

What's hot (20)

Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security Overview
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza Adineh
 
PwC Point of View on Cybersecurity Management
PwC Point of View on Cybersecurity ManagementPwC Point of View on Cybersecurity Management
PwC Point of View on Cybersecurity Management
 
introduction to Azure Sentinel
introduction to Azure Sentinelintroduction to Azure Sentinel
introduction to Azure Sentinel
 
Cyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsCyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feeds
 
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architecture
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
 
ATT&CK Updates- ATT&CK for ICS
ATT&CK Updates- ATT&CK for ICSATT&CK Updates- ATT&CK for ICS
ATT&CK Updates- ATT&CK for ICS
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
 
Sailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overviewSailpoint Online Training on IAM overview
Sailpoint Online Training on IAM overview
 
BATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdfBATbern48_How Zero Trust can help your organisation keep safe.pdf
BATbern48_How Zero Trust can help your organisation keep safe.pdf
 
DevSecOps
DevSecOpsDevSecOps
DevSecOps
 
Programme de cybersécurité : Implementer le framework NIST CSF en entreprise
Programme de cybersécurité : Implementer le framework NIST CSF en entrepriseProgramme de cybersécurité : Implementer le framework NIST CSF en entreprise
Programme de cybersécurité : Implementer le framework NIST CSF en entreprise
 
Azure role based access control (rbac)
Azure role based access control (rbac)Azure role based access control (rbac)
Azure role based access control (rbac)
 
OT Security Architecture & Resilience: Designing for Security Success
OT Security Architecture & Resilience:  Designing for Security SuccessOT Security Architecture & Resilience:  Designing for Security Success
OT Security Architecture & Resilience: Designing for Security Success
 
Demystifying DevSecOps
Demystifying DevSecOpsDemystifying DevSecOps
Demystifying DevSecOps
 
SEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptxSEIM-Microsoft Sentinel.pptx
SEIM-Microsoft Sentinel.pptx
 

Similar to Zero Trust 20211105

microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptx
GenericName6
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
David J Rosenthal
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model Overview
Alert Logic
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
Kresimir Popovic
 
What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?
Ulf Mattsson
 
Cloud services and it security
Cloud services and it securityCloud services and it security
Cloud services and it security
East Midlands Cyber Security Forum
 
Demystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public SectorDemystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public Sector
Amazon Web Services
 
IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET- Simultaneous ammunition for the multi-cloud computing simulation IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET Journal
 
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Ulf Mattsson
 
Iot 7-12-2021
Iot 7-12-2021Iot 7-12-2021
Iot 7-12-2021
GagninderKaur
 
IRJET-Domain Data Security on Cloud
IRJET-Domain Data Security on CloudIRJET-Domain Data Security on Cloud
IRJET-Domain Data Security on Cloud
IRJET Journal
 
SPUnite17 Microsoft Cloud Deutschland
SPUnite17 Microsoft Cloud DeutschlandSPUnite17 Microsoft Cloud Deutschland
SPUnite17 Microsoft Cloud Deutschland
NCCOMMS
 
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptxthe_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
sarah david
 
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
IJERA Editor
 
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdfthe_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
sarah david
 
Security in cloud computing kashyap kunal
Security in cloud computing  kashyap kunalSecurity in cloud computing  kashyap kunal
Security in cloud computing kashyap kunal
Kashyap Kunal
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls Security
Hari Kumar
 
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and Compliance
Vignesh Ganesan I Microsoft MVP
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
Maganathin Veeraragaloo
 
Cloud Ecosystems A Perspective
Cloud Ecosystems A PerspectiveCloud Ecosystems A Perspective
Cloud Ecosystems A Perspective
jmcdaniel650
 

Similar to Zero Trust 20211105 (20)

microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptx
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model Overview
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
 
What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?
 
Cloud services and it security
Cloud services and it securityCloud services and it security
Cloud services and it security
 
Demystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public SectorDemystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public Sector
 
IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET- Simultaneous ammunition for the multi-cloud computing simulation IRJET- Simultaneous ammunition for the multi-cloud computing simulation
IRJET- Simultaneous ammunition for the multi-cloud computing simulation
 
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...
 
Iot 7-12-2021
Iot 7-12-2021Iot 7-12-2021
Iot 7-12-2021
 
IRJET-Domain Data Security on Cloud
IRJET-Domain Data Security on CloudIRJET-Domain Data Security on Cloud
IRJET-Domain Data Security on Cloud
 
SPUnite17 Microsoft Cloud Deutschland
SPUnite17 Microsoft Cloud DeutschlandSPUnite17 Microsoft Cloud Deutschland
SPUnite17 Microsoft Cloud Deutschland
 
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptxthe_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
 
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...
 
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdfthe_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
 
Security in cloud computing kashyap kunal
Security in cloud computing  kashyap kunalSecurity in cloud computing  kashyap kunal
Security in cloud computing kashyap kunal
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls Security
 
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and Compliance
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
 
Cloud Ecosystems A Perspective
Cloud Ecosystems A PerspectiveCloud Ecosystems A Perspective
Cloud Ecosystems A Perspective
 

Recently uploaded

Password Rotation in 2024 is still Relevant
Password Rotation in 2024 is still RelevantPassword Rotation in 2024 is still Relevant
Password Rotation in 2024 is still Relevant
Bert Blevins
 
Three New Criminal Laws in India 1 July 2024
Three New Criminal Laws in India 1 July 2024Three New Criminal Laws in India 1 July 2024
Three New Criminal Laws in India 1 July 2024
aakash malhotra
 
How Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdfHow Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdf
HackersList
 
Using LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and MilvusUsing LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and Milvus
Zilliz
 
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
bhumivarma35300
 
The Role of Technology in Payroll Statutory Compliance (1).pdf
The Role of Technology in Payroll Statutory Compliance (1).pdfThe Role of Technology in Payroll Statutory Compliance (1).pdf
The Role of Technology in Payroll Statutory Compliance (1).pdf
paysquare consultancy
 
July Patch Tuesday
July Patch TuesdayJuly Patch Tuesday
July Patch Tuesday
Ivanti
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
Priyanka Aash
 
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdfWhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
ArgaBisma
 
WPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide DeckWPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide Deck
Lidia A.
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
aslasdfmkhan4750
 
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptxRPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
SynapseIndia
 
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Torry Harris
 
Data Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining DataData Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining Data
Safe Software
 
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsScaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Mydbops
 
DealBook of Ukraine: 2024 edition
DealBook of Ukraine: 2024 editionDealBook of Ukraine: 2024 edition
DealBook of Ukraine: 2024 edition
Yevgen Sysoyev
 
Best Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdfBest Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdf
Tatiana Al-Chueyr
 
Implementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling  in real worldImplementations of Fused Deposition Modeling  in real world
Implementations of Fused Deposition Modeling in real world
Emerging Tech
 
Pigging Unit Lubricant Oil Blending Plant
Pigging Unit Lubricant Oil Blending PlantPigging Unit Lubricant Oil Blending Plant
Pigging Unit Lubricant Oil Blending Plant
LINUS PROJECTS (INDIA)
 
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
Kief Morris
 

Recently uploaded (20)

Password Rotation in 2024 is still Relevant
Password Rotation in 2024 is still RelevantPassword Rotation in 2024 is still Relevant
Password Rotation in 2024 is still Relevant
 
Three New Criminal Laws in India 1 July 2024
Three New Criminal Laws in India 1 July 2024Three New Criminal Laws in India 1 July 2024
Three New Criminal Laws in India 1 July 2024
 
How Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdfHow Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdf
 
Using LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and MilvusUsing LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and Milvus
 
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
 
The Role of Technology in Payroll Statutory Compliance (1).pdf
The Role of Technology in Payroll Statutory Compliance (1).pdfThe Role of Technology in Payroll Statutory Compliance (1).pdf
The Role of Technology in Payroll Statutory Compliance (1).pdf
 
July Patch Tuesday
July Patch TuesdayJuly Patch Tuesday
July Patch Tuesday
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
 
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdfWhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
 
WPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide DeckWPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide Deck
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
 
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptxRPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptx
 
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
 
Data Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining DataData Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining Data
 
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsScaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - Mydbops
 
DealBook of Ukraine: 2024 edition
DealBook of Ukraine: 2024 editionDealBook of Ukraine: 2024 edition
DealBook of Ukraine: 2024 edition
 
Best Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdfBest Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdf
 
Implementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling  in real worldImplementations of Fused Deposition Modeling  in real world
Implementations of Fused Deposition Modeling in real world
 
Pigging Unit Lubricant Oil Blending Plant
Pigging Unit Lubricant Oil Blending PlantPigging Unit Lubricant Oil Blending Plant
Pigging Unit Lubricant Oil Blending Plant
 
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
 

Zero Trust 20211105

  • 1. IT-Sicherheit neu denken – Paradigmenwechsel auf Basis von Zero Trust 05. November Thomas Treml Microsoft Deutschland GmbH
  • 4. BSI - IT-Sicherheit im Home-Office (bund.de) IT-Sicherheit im Home-Office im Jahr 2020
  • 8. Alte Welt vs. Mitarbeiter, Partner & Kunden Bring your own devices Täglich neue Cloud-Apps Perimeter verliert an Relevanz Explosion der Signale
  • 9. Eine neue Realität braucht neue Prinzipien Explizit überprüfen
  • 10. Identitäten sind das neue, zentrale Perimeter
  • 11. Cloud SaaS-Apps On-Premises Apps MFA durchsetzen Zugriff blockieren/zulassen Legacy-Authentisierung blockieren Passwort zurücksetzen Zugriff limitieren Kontrollen Mitarbeiter & Partner Benutzer & Rollen Bekannte & konforme Geräte Physikalische & virtuelle Lokation Client-Apps & Authentifizierungs- Methoden Konditionen Microsoft Cloud
  • 12. In einer optimalen Zero-Trust-Implementierung sind Ihre digitalen Assets verbunden und in der Lage, das Signal zu liefern, das erforderlich ist, um fundierte Zugriffsentscheidungen mithilfe automatisierter Richtliniendurchsetzung zu treffen.
  • 13. In drei Schritten zu Zero Trust 1. Automatisierte Identitäts- & Zugriffsverwaltung 2. Zentrales Unified Endpoint Management 3. Privilegierte Benutzerrechtevergabe & Applikationsmanagement
  • 14. Zero Trust Reifegradmodell Das Zero Trust- Reifegradmodell Mit diesen Grundprinzipien, einer Übersicht des End-to-End- Frameworks und einem skalierbaren Reifegradmodell verfügen Sie über das nötige Wissen, um den Zero Trust- Fortschritt im Unternehmen zu bewerten, Stakeholder zu informieren und die nächsten Schritte zu priorisieren. Leitfaden herunterladen
  • 15. Bewertung mit dem Zero Trust-Reifegradmodell Bewertung durchführen
  • 16. Referenzarchitektur für Cybersicherheit Referenzarchitektur für Microsoft-Cybersicherheit - Security documentation | Microsoft Docs
  • 17. Microsoft Intelligent Security Association • Collaboration strengthens protection • Teaming up with our security partners to build an ecosystem of intelligent security solutions that better defend against a world of increased threats
  • 18. Diskussion Thomas Treml Microsoft Deutschland GmbH Thomas.Treml@microsoft.com
  • 20. Identity Data Networking Devices Apps Infrastructure Logical Components of a Zero Trust Architecture Evolving Zero Trust—Lessons learned and emerging trends - Microsoft Security Blog
  • 21. Was bedeutet Zero Trust? Workloads Endgeräte Personen Intelligenz Daten
  • 22. Guiding Principles and Standards • Principles are high-level statements of the values that guide IT and the Business, e.g. “Information is an asset”. They are universally agreed truths. They guide and shape the lower-level artefacts; standards and policies. • Principles change very little – if at all – over time. • The objectives should change very little over time, as they are foundations of Zero Trust and an organization’s Cybersecurity strategy. • Strategies are long-term missions that do not frequently change. Therefore, the Principles are best tied to strategic objectives. • Standards define the specification to which we do something, e.g. “Data- at-rest must be encrypted using AES 128 bit or better”. • Standards change, they improve and become obsolete. • They are closer to technology. • Design decisions are shaped by standards and principles and will prescribe a product and configuration. e.g. “Disks shall be encrypted using Microsoft BitLocker”. • Principles are not tangible, so appropriate standards and policies must be defined and enforced in order to implement the Principles.
  • 23. © Microsoft 2021 Summary EO response for Federal Agencies Executive order On May 12, 2021, President Biden signed the Executive Order (EO) to improve the nation’s cybersecurity and protect federal government networks in response to recent incidents from sophisticated malicious activity from nation-state and cyber criminals. For agencies there are numerous requirements, including some with short-term action items included in the EO. The purpose of this presentation is to help government agencies take thoughtful action aligned to one of these requirements: Plan for Zero Trust Implementation Capabilities There are six key capabilities expected to be developed through the EO: 1. Secure Cloud Adoption Plan 2. Zero Trust Plan 3. Multifactor Authentication Implementation 4. Endpoint Detection & Response 5. Data Identification 6. Secure Software Adoption Zero Trust Plan EO Requirement: Section 3 – “The heads of agencies update plans for federal network infrastructure (including adoption of cloud technology and implementation of Zero Trust Architecture) and report plans to OMB/NSC.” Timeline: 07/11/2021 Microsoft reference architecture: Zero Trust Architecture Actions Next steps include: 1. Review compliance requirements for section 3 2. Review how Microsoft can support 3. Develop and implement plans to build agency response Resources: Summary: FACT SHEET: President Signs Executive Order Charting New Course to Improve the Nation’s Cybersecurity and Protect Federal Government Networks | The White House Executive Order: Executive Order on Improving the Nation's Cybersecurity | The White House 23
  • 24. Defender for Office 365 Defender for Endpoint Defender for Identity Defend across attack chains Phishing mail Open attachment Click a URL Browse a website Exploitation and Installation Command and Control Azure AD Identity Protection Brute force account or use stolen account credentials User account is compromised Attacker collects reconnaissance & configuration data Attacker attempts lateral movement Privileged account compromised Domain compromised Microsoft Cloud App Security Attacker accesses sensitive data Exfiltration of data Leading indicators History of violations Distracted and careless Disgruntled or disenchanted Subject to stressors Insider risk management Insider has access to sensitive data Anomalous activity detected Data leakage Potential sabotage Azure Defender https://aka.ms/MCRA
  • 25. Provide actionable security alerts, raw logs, or both Microsoft Reference Architecture
  • 26. Securing Privileged Access Office 365 Security Rapid Cyberattacks (Wannacrypt/Petya) https://aka.ms/MCRA Video Recording Strategies SQL Encryption & Data Masking Office 365 Dynamics 365 +Monito r Data Loss Protection Data Governance eDiscovery Cybersecurity Reference Architecture https://aka.ms/MCRA Video Recording Strategies
  • 27. Security Operations Provide actionable security alerts, raw logs, or both https://aka.ms/MCRA
  • 28. Security Operations Provide actionable security alerts, raw logs, or both https://aka.ms/MCRA
  • 29. ©Microsoft Corporation Azure Operational Technology (OT) Security Reference Architecture Apply zero trust principles to securing OT and industrial IoT environments S A F E T Y S Y S T E M S Purdue Model Level 1 – Basic Control Electronics controlling or monitoring physical systems Level 0 – Process Physical machinery Level 2 – Supervisory Control Monitoring & Control for discrete business functions (e.g. production line) Level 3 – Site Operations Control & monitoring for physical site with multiple functions (e.g. plant) Security Analytics Transform with Zero Trust Principles Purdue model assumed static site/enterprise model • Datacenter Segments – Align network/identity/other controls to business workloads and business risk • End user access - Dynamically grant access based on explicit validation of current user and device risk level Business Analytics Confidentiality/Integrity/Availability • Hardware Age: 5-10 years • Warranty length 3-5 years • Protocols: Native IP, HTTP(S), Others • Security Hygiene: Multi-factor authentication (MFA), patching, threat monitoring, antimalware Safety/Integrity/Availability • Hardware Age: 50-100 years (mechanical + electronic overlay) • Warranty length: up to 30-50 years • Protocols: Industry Specific (often bridged to IP networks) • Security Hygiene: Isolation, threat monitoring, managing vendor access risk, (patching rarely) Operational Technology (OT) Environments Information Technology (IT) Environments IIoT / OT Digital Transformation drivers • Business Efficiency - Data to enable business agility • Governance & Regulatory Compliance with safety and other standards • Emerging Security Standards like CMMC Azure Analytics IoT Hub, PowerBI, Azure Edge, Digital Twins, and more Blended cybersecurity attacks are driving convergence of IT, OT, and IoT security architectures and capabilities Plant security console (optional) Sensor(s) + Analytics TLS with mutual authentication N E T W O R K T A P / S P A N https://aka.ms/MCRA Azure Defender for IoT  Manager  Security Console 3rd party Analytics Cloud Environments Business Analytics Business Analytic Sensor(s) Cloud Connection (OPTIONAL) • Native plug-in for Azure Defender for IoT • Native OT investigation & remediation playbooks • Correlation with other data sources and Strategic Threat intelligence (attack groups & context) Zero Trust Principles - Assume breach, verify explicitly, Use least privilege access (identity and network) Hard Boundary Physically disconnect from IT network(s) Soft(ware) Boundary People, Process, and Tech (network + identity access control, boundary patching and security hygiene) Internal isolation As business processes allow Isolation and Segmentation 3rd party Analytics Azure Sentinel 3rd party SIEM
  • 30. Situation: Solution: Impact: “We chose the best of suite approach with the Microsoft 365 E5 solution, and now we have an overview of our environment that helps us to react in real time and defend against attacks proactively.” When Siemens began to transition to the cloud, it emphasized real-time, proactive security in order to apply a Zero Trust approach. It needed a tightly coordinated set of security solutions to protect identities, data, and endpoints. .- Thomas Mueller-Lynch, Service Owner Lead for Digital Identity, Siemens Already committed to the productivity-enhancing apps in Microsoft 365, it now makes full use of the rich security built into the solution, including Azure Active Directory, Microsoft Defender for Identity, Microsoft Endpoint Manager, Microsoft Defender for Endpoint, and more. Siemens is realizing the advantages of an encompassing security system that is worth more than the sum of its parts: a tightly coordinated set of solutions that helps protect company data and about 300,000 devices easily, efficiently—and proactively. Customer: Siemens Industry: Manufacturing Size: Large (10,000+ employees) Country: Germany Products and services: Microsoft Azure Active Directory Microsoft Cloud App Security Microsoft Defender for Endpoint Microsoft Defender for Identity Microsoft Endpoint Manager Microsoft Information Protection P2 Customer Lockbox for Azure Read full story here
  • 31. Authentifizierung neu gedacht: Zero Trust verstehen und umsetzen - computerwoche.de
  • 32. This track exposes participants to all the key azure services at the disposal of the organization and all the cybersecurity concepts necessary to ensure the confidentiality, integrity and availability of all these resources and information systems. There Will be deep dive, hands-on sessions on key areas such as Azure Security Center, Azure Sentinel, Azure Monitor, IAM, Data and Application Security. This track will help participants acquire the skills required to secure both M365 (E3 & E5) deployments and comply with industry & territorial data protections. Key Security concepts such as Threat Management & Protection, IAM, Application & Mobility Security, GDPR, Compliance, Risk and Security Governance will be taught.

Editor's Notes

  1. 11