a close up of a logo

Five things we learnt from the Security and Compliance Summit

Sian  John

Sian John

Chief Security Advisor

Read Time, 3 min.

On November 4th 2020, Microsoft Western Europe hosted its first Security and Compliance Summit.

Experts and Security Blackbelts from across Microsoft, including the Detection and Response Team and the Digital Crimes Unit, came together virtually to share perspectives on the latest security, compliance and privacy challenges that seek to compromise the modern workplace – a topic of growing importance as organizations across the world recover from disruption and adjust to a new normal.

Hosted by Sian John MBE, Microsoft’s EMEA Director of Cybersecurity Strategy, the Security Summit explored the crucial issues organizations and security professionals face today, looking at emerging trends in cybersecurity, securing a workforce in a remote working world, insider risks and how to manage them, and so much more.

Below are just some of the key takeaways from the event. And you can watch all the sessions from the summit on demand here.

1. Security and compliance are a shared responsibility

As a business and an employer, there is a responsibility to know exactly what happens to your data – where it is, why you have it, and who can access it, as well as the potential consequences if there is a breach.

Remote work adds a level of complexity – employees may be using personal devices and unsecure applications beyond the trusted network perimeters. That’s why knowledge is key, to understand the risk, the potential impact of a compromise, and how to avoid it.

Technology can ensure controls are in place and make the necessary risk assessments, but it’s a joint responsibility to make sure your organization remains compliant.

2. Security starts with identity

Over recent years there has been a shift in the security mindset, from a network mentality (assuming an individual is secure because they’re in the four walls of a trusted network) to identity – securing organizations and controlling access based on the individual.

It’s important this is done in a way that doesn’t limit an employee’s usability or productivity. Multi-Factor Authentication is a good place to start – the single, most impactful tool to protect against account compromise, while still giving employees seamless access to all apps with single sign-on, from any location or device.

3. Automation can help to minimize ‘alert fatigue’

At the Summit, Simon Gardiner from Microsoft’s Detection and Response Team (DART) encouraged security professionals to be honest about their capacity, and to say when they’re feeling stressed. In reality, monitoring and protecting an organization from security incidents is not an easy task; it takes unparalleled attention, commitment and sometimes availability around the clock.

Technology and automation can play a significant role in reducing this pressure on security teams. If you’ve noticed something abnormal once or twice, leverage automation so that the third time it happens it’s reported, instead of hunted for. Automation frees humans up to do what technology cannot – act with intuition.

4. A new security mindset demands a culture change

Security and compliance doesn’t just impact the team who put the controls in place, it impacts every employee and every output. Security should be viewed as a power shift for a business, and this requires dedicated change management.

Roger Halbheer, Chief Security Advisor at Microsoft, highlighted an interesting perspective about breaking down silos: ‘When you start to align to the business, you start to judge success of the security consultants by business project success’.

5. Complexity is the biggest barrier to security

Before going into deploying advanced measures, it’s crucially important to master the basics. As outlined by Simon Gardiner, enable Multi-Factor Authentication, make sure your VPN solutions are protected, look at when your back-up was last online and tested.

Sandra Elvin and Jim Eckart, recent executive hires and previous CSOs at H&M and Coca-Cola respectively, agreed simplification can strengthen an organization’s security posture. The more security solutions implemented, the harder they become to orchestrate, and a fully-integrated technology stack can ensure that nothing falls through the gaps.

Watch the full summit on demand here.

 

Safeguarding digital privacy

Discover the 5 ways to increase trust and empower people in our latest eBook, Safeguarding digital privacy

Discover more related articles per industry:

Education

  • a person sitting in front of a laptop computer

    SSVOZ: Making distance learning a personalized experience

    When this period of remote learning is evaluated – without a doubt, some of the techniques we’ve used will have a more permanent place in the classrooms of the near future. Antoon Fens, IT Coordinator at Stichting Stedelijk Voortgezet Onderwijs Zoetermeer (SSVOZ), explains the critical role technology has played for education in the Netherlands, during […]

  • Pencil

    Hybrid learning and GDPR: maintaining security and compliance in disruptive times

    Like most areas of society, over the past six months the education sector has had to face challenges unlike any before. Students thrive when they have access to personalized learning. As schools have moved quickly to adapt to remote learning, using technology to create new experiences that meet students’ needs has become more important than […]

Government

  • How VR Group is using automation to secure Finland’s railways

    How VR Group is using automation to secure Finland’s railways

    “Being at the helm of a critical piece of infrastructure, we have a huge responsibility towards our partners and clients. That’s why safety and security are crucial elements of what we do and how we operate.” Mikke Maronen, CISO at Finnish railway company VR Group, is talking about the importance of protecting his business from […]

  • a large old building with many windows

    Raad van State: Creating a virtual courtroom through a remote-working solution

    “This situation has proven that with the right means, support and trust, you can remove half of the desks in your building – and in that sense, I don’t think we’ll ever see 700 people at the same time in the office again.” Ron Lamers, Project Manager at Raad van State, is talking about the […]

Healthcare

  • a person sitting in front of a laptop computer

    The ‘Big Bang’ approach to digital transformation – and how to make it work

    These days there’s no such thing as ‘business as usual’. Change and disruption are the new normal. Just think of the changes affecting your organization right now, with new technology and techniques driving new attitudes and expectations from employees and customers alike. Everything is changing. And the one thing all those changes have in common […]

  • A smiling man wearing glasses looking at the camera

    HUS: sharing data securely to make life-saving decisions

    Illnesses and diseases don’t often play fair – an unfortunate truth that was proved by the COVID-19 outbreak in early 2020, heavily hitting healthcare organizations with challenges the world hadn’t seen in a century. Hospitals needed a rapid response to reduce spreading the virus without affecting patient care. A high-pressure situation for any institution, but […]

Manufacturing

Retail

  • Picture from the back of a person attending a Teams meeting with 2 colleagues, discussing about a furniture fabric.

    Zuiver: Supporting both business and culture through technology

    “Since moving to the cloud, there are no limitations anymore. And I’m certain without this technology, we would not have seen the growth we have today.” Jaap Landsaat, CFO and Head of IT at Dutch furniture designer Zuiver, is talking about the profound impact technology has had on the business he co-founded more than 20 years ago. “Back then, we had 100 orders a week […]

  • HeadBrands is ready for the future with Microsoft 365 Business

    HeadBrands is ready for the future with Microsoft 365 Business

    Since its creation in 2010, HeadBrands has continued to grow, rapidly becoming the leading retailer of hairdressing products in Scandinavia. HeadBrands needed a modern IT solution to increase its business productivity and improve collaboration, both within the company and externally. Its response to this challenge was to replace most of its previous services with Microsoft […]

Discover more related articles per dossier:

Customer Stories

Digital Transformation

Security & Privacy

  • Woman with yellow hat stepping out of yellow cab with a Surface

    It’s time to make anywhere the safest place to create

    A permanent desk. At one office. In the same part of town. Those days are numbered. We’re moving on, quite literally. In today’s world, there’s a greater need to be flexible; to be able to think, create and share – anywhere and everywhere. To do it with complete peace of mind, too. Redefining teamwork  Companies are embracing new forms of collaboration. […]

Tips

  • a person sitting at a table in front of a window

    Are you making the most of Microsoft Teams while working remotely?

    There are many reasons and requirements for remote work, and meeting those requirements flexibly is why we created Microsoft Teams: to help you stay connected with your teams and ensure you can continue working collaboratively and efficiently, wherever you are. Here are a couple of tips to help you get the best from Microsoft Teams […]