a close up of a logo

Five things we learnt from the Security and Compliance Summit

Sian  John

Sian John

Chief Security Advisor

Read Time, 3 min.

On November 4th 2020, Microsoft Western Europe hosted its first Security and Compliance Summit.

Experts and Security Blackbelts from across Microsoft, including the Detection and Response Team and the Digital Crimes Unit, came together virtually to share perspectives on the latest security, compliance and privacy challenges that seek to compromise the modern workplace – a topic of growing importance as organizations across the world recover from disruption and adjust to a new normal.

Hosted by Sian John MBE, Microsoft’s EMEA Director of Cybersecurity Strategy, the Security Summit explored the crucial issues organizations and security professionals face today, looking at emerging trends in cybersecurity, securing a workforce in a remote working world, insider risks and how to manage them, and so much more.

Below are just some of the key takeaways from the event. And you can watch all the sessions from the summit on demand here.

1. Security and compliance are a shared responsibility

As a business and an employer, there is a responsibility to know exactly what happens to your data – where it is, why you have it, and who can access it, as well as the potential consequences if there is a breach.

Remote work adds a level of complexity – employees may be using personal devices and unsecure applications beyond the trusted network perimeters. That’s why knowledge is key, to understand the risk, the potential impact of a compromise, and how to avoid it.

Technology can ensure controls are in place and make the necessary risk assessments, but it’s a joint responsibility to make sure your organization remains compliant.

2. Security starts with identity

Over recent years there has been a shift in the security mindset, from a network mentality (assuming an individual is secure because they’re in the four walls of a trusted network) to identity – securing organizations and controlling access based on the individual.

It’s important this is done in a way that doesn’t limit an employee’s usability or productivity. Multi-Factor Authentication is a good place to start – the single, most impactful tool to protect against account compromise, while still giving employees seamless access to all apps with single sign-on, from any location or device.

3. Automation can help to minimize ‘alert fatigue’

At the Summit, Simon Gardiner from Microsoft’s Detection and Response Team (DART) encouraged security professionals to be honest about their capacity, and to say when they’re feeling stressed. In reality, monitoring and protecting an organization from security incidents is not an easy task; it takes unparalleled attention, commitment and sometimes availability around the clock.

Technology and automation can play a significant role in reducing this pressure on security teams. If you’ve noticed something abnormal once or twice, leverage automation so that the third time it happens it’s reported, instead of hunted for. Automation frees humans up to do what technology cannot – act with intuition.

4. A new security mindset demands a culture change

Security and compliance doesn’t just impact the team who put the controls in place, it impacts every employee and every output. Security should be viewed as a power shift for a business, and this requires dedicated change management.

Roger Halbheer, Chief Security Advisor at Microsoft, highlighted an interesting perspective about breaking down silos: ‘When you start to align to the business, you start to judge success of the security consultants by business project success’.

5. Complexity is the biggest barrier to security

Before going into deploying advanced measures, it’s crucially important to master the basics. As outlined by Simon Gardiner, enable Multi-Factor Authentication, make sure your VPN solutions are protected, look at when your back-up was last online and tested.

Sandra Elvin and Jim Eckart, recent executive hires and previous CSOs at H&M and Coca-Cola respectively, agreed simplification can strengthen an organization’s security posture. The more security solutions implemented, the harder they become to orchestrate, and a fully-integrated technology stack can ensure that nothing falls through the gaps.

Watch the full summit on demand here.

 

Safeguarding digital privacy

Discover the 5 ways to increase trust and empower people in our latest eBook, Safeguarding digital privacy

Discover more related articles per industry:

Education

  • a woman sitting at a table using a laptop

    VSNU: coordinating a nationwide university digital transformation in one weekend

    “A lesson for us during this crisis, has been that new technology doesn’t just change how you work – it also changes people and culture, which is something you have to support everyone through.” Director of Accountability at The Association of Universities in the Netherlands (VSNU), Reinout Van Brakel, is talking about the instrumental role […]

  • Pencil

    Hybrid learning and GDPR: maintaining security and compliance in disruptive times

    Like most areas of society, over the past six months the education sector has had to face challenges unlike any before. Students thrive when they have access to personalized learning. As schools have moved quickly to adapt to remote learning, using technology to create new experiences that meet students’ needs has become more important than […]

Government

  • a group of people performing on stage in front of a crowd

    City of Liège: Facilitating decision making in difficult times

    For many organizations, social-distancing measures brought about by COVID-19 have drastically slowed day-to-day operations – and for some, even stopped them altogether. But for local governments across Europe, like the Belgian city of Liège, slowing down hasn’t been an option.  From supporting citizens and businesses to protecting frontline workers, Liège city had to quickly provide stability during this crisis and ensure important decisions could still be made in a democratic […]

  • a group of people standing next to a dog

    Belgian police force completes secure, mobile-first transformation

    Information sharing is now much easier for officers and support staff – thanks to Microsoft Teams on a powerful and secure digital platform.

Healthcare

  • a person preparing food in a kitchen

    Humanitas-DMH: empowering key workers with a secure digital support

    “Our goal is to create an environment where people with mental disabilities can feel safe, secure and happy.” Marcella van Kraaij, Digital Transformation Advisor at Dutch healthcare provider Humanitas-DMH, is discussing her organization’s key objectives – and how the technology her team recently adopted is helping it to achieve them. Every day, the carers and […]

  • a woman standing in front of a screen

    Istituto Neurologico Carlo Besta: providing essential patient care from a distance

    “Telehealth was a technology we’d been planning to implement for a couple of years. But then almost overnight everything changed – it became a must-have platform the hospital needed today.” Francesca De Giorgi, CIO of Italian research hospital IRCCS Carlo Besta, reflects on the recent challenges her team faced when social distancing measures imposed by […]

Manufacturing

  • a woman smiling for the camera

    Etex Group: Future-proofing employees to work anywhere across the world

    When COVID-19 spread across Europe in early 2020, businesses entered a new digitally-dependent age. Social distancing measures had asked offices of all shapes and sizes to close their doors, sparking organizations to quickly find other virtual ways for colleagues to meet and collaborate remotely. But for Belgium building material specialist Etex, this was a step they were ready for – having already implemented a cloud-based infrastructure and collaboration tools […]

  • a person sitting at a desk with a laptop on a table

    My people leadership compass in times of gloom

    Microsoft’s Max Tchapeyou offers a very personal viewpoint, citing the six ways he’s found to work more effectively – and positively – with his team.

Retail

  • GDPR and Retail: Four GDPR requirements and how Microsoft can help

    GDPR and Retail: Four GDPR requirements and how Microsoft can help

    Learn how we can help you meet GDPR requirements with solutions available today: Assessing your current risk profile “How do I understand where I am already compliant and where I need to focus next?” This is one of the most common questions from retailers in regard to the GDPR. It’s also one of the hardest to […]

  • HeadBrands is ready for the future with Microsoft 365 Business

    HeadBrands is ready for the future with Microsoft 365 Business

    Since its creation in 2010, HeadBrands has continued to grow, rapidly becoming the leading retailer of hairdressing products in Scandinavia. HeadBrands needed a modern IT solution to increase its business productivity and improve collaboration, both within the company and externally. Its response to this challenge was to replace most of its previous services with Microsoft […]

Discover more related articles per dossier:

Customer Stories

  • A smiling man wearing glasses looking at the camera

    HUS: sharing data securely to make life-saving decisions

    Illnesses and diseases don’t often play fair – an unfortunate truth that was proved by the COVID-19 outbreak in early 2020, heavily hitting healthcare organizations with challenges the world hadn’t seen in a century. Hospitals needed a rapid response to reduce spreading the virus without affecting patient care. A high-pressure situation for any institution, but […]

Digital Transformation

  • a man wearing a suit and tie

    Supporting employees across the world with a virtual desktop solution

    “It’s always good to see that you have made the right technology choices, and when you need something to happen – it can happen.” Stefan De Boer, Global IT Head at recruitment specialist Brunel, is talking about his company’s ethos to embracing new technologies and how it helped them quickly adapt to remote working during the COVID-19 crisis. “We were […]

Security & Privacy

Tips