a close up of a logo

Five things we learnt from the Security and Compliance Summit

Sian  John

Sian John

Chief Security Advisor

Read Time, 3 min.

On November 4th 2020, Microsoft Western Europe hosted its first Security and Compliance Summit.

Experts and Security Blackbelts from across Microsoft, including the Detection and Response Team and the Digital Crimes Unit, came together virtually to share perspectives on the latest security, compliance and privacy challenges that seek to compromise the modern workplace – a topic of growing importance as organizations across the world recover from disruption and adjust to a new normal.

Hosted by Sian John MBE, Microsoft’s EMEA Director of Cybersecurity Strategy, the Security Summit explored the crucial issues organizations and security professionals face today, looking at emerging trends in cybersecurity, securing a workforce in a remote working world, insider risks and how to manage them, and so much more.

Below are just some of the key takeaways from the event. And you can watch all the sessions from the summit on demand here.

1. Security and compliance are a shared responsibility

As a business and an employer, there is a responsibility to know exactly what happens to your data – where it is, why you have it, and who can access it, as well as the potential consequences if there is a breach.

Remote work adds a level of complexity – employees may be using personal devices and unsecure applications beyond the trusted network perimeters. That’s why knowledge is key, to understand the risk, the potential impact of a compromise, and how to avoid it.

Technology can ensure controls are in place and make the necessary risk assessments, but it’s a joint responsibility to make sure your organization remains compliant.

2. Security starts with identity

Over recent years there has been a shift in the security mindset, from a network mentality (assuming an individual is secure because they’re in the four walls of a trusted network) to identity – securing organizations and controlling access based on the individual.

It’s important this is done in a way that doesn’t limit an employee’s usability or productivity. Multi-Factor Authentication is a good place to start – the single, most impactful tool to protect against account compromise, while still giving employees seamless access to all apps with single sign-on, from any location or device.

3. Automation can help to minimize ‘alert fatigue’

At the Summit, Simon Gardiner from Microsoft’s Detection and Response Team (DART) encouraged security professionals to be honest about their capacity, and to say when they’re feeling stressed. In reality, monitoring and protecting an organization from security incidents is not an easy task; it takes unparalleled attention, commitment and sometimes availability around the clock.

Technology and automation can play a significant role in reducing this pressure on security teams. If you’ve noticed something abnormal once or twice, leverage automation so that the third time it happens it’s reported, instead of hunted for. Automation frees humans up to do what technology cannot – act with intuition.

4. A new security mindset demands a culture change

Security and compliance doesn’t just impact the team who put the controls in place, it impacts every employee and every output. Security should be viewed as a power shift for a business, and this requires dedicated change management.

Roger Halbheer, Chief Security Advisor at Microsoft, highlighted an interesting perspective about breaking down silos: ‘When you start to align to the business, you start to judge success of the security consultants by business project success’.

5. Complexity is the biggest barrier to security

Before going into deploying advanced measures, it’s crucially important to master the basics. As outlined by Simon Gardiner, enable Multi-Factor Authentication, make sure your VPN solutions are protected, look at when your back-up was last online and tested.

Sandra Elvin and Jim Eckart, recent executive hires and previous CSOs at H&M and Coca-Cola respectively, agreed simplification can strengthen an organization’s security posture. The more security solutions implemented, the harder they become to orchestrate, and a fully-integrated technology stack can ensure that nothing falls through the gaps.

Watch the full summit on demand here.

 

Safeguarding digital privacy

Discover the 5 ways to increase trust and empower people in our latest eBook, Safeguarding digital privacy

Discover more related articles per industry:

Education

Government

Healthcare

  • a person preparing food in a kitchen

    Humanitas-DMH: empowering key workers with a secure digital support

    “Our goal is to create an environment where people with mental disabilities can feel safe, secure and happy.” Marcella van Kraaij, Digital Transformation Advisor at Dutch healthcare provider Humanitas-DMH, is discussing her organization’s key objectives – and how the technology her team recently adopted is helping it to achieve them. Every day, the carers and […]

  • A smiling man wearing glasses looking at the camera

    HUS: sharing data securely to make life-saving decisions

    Illnesses and diseases don’t often play fair – an unfortunate truth that was proved by the COVID-19 outbreak in early 2020, heavily hitting healthcare organizations with challenges the world hadn’t seen in a century. Hospitals needed a rapid response to reduce spreading the virus without affecting patient care. A high-pressure situation for any institution, but […]

Manufacturing

  • Etex

    Etex uses modern tools to unite its business and better focus on customers

    When it comes to construction, all components must come together in a timely manner in order to produce the optimum product. While Etex, a Belgian building solution manufacturing company, helps make this a reality on a day-to-day basis, it wanted to find a way to enhance productivity and collaboration internally. With locations across more than […]

  • Mais on a sunny day

    COFCO International: How cloud technologies ensured business continuity during challenging times

    “I have worked at COFCO for 12 years, always in an office. But I have spent the last 63 days working from home.” Marcus Seelbach, Chief HR Officer at global agribusiness COFCO International, is talking from his home via video call about the transition he and all his colleagues have undergone since COVID-19 led to the closure of the company’s offices worldwide. “But thanks to the preparation and […]

Retail

  • HeadBrands is ready for the future with Microsoft 365 Business

    HeadBrands is ready for the future with Microsoft 365 Business

    Since its creation in 2010, HeadBrands has continued to grow, rapidly becoming the leading retailer of hairdressing products in Scandinavia. HeadBrands needed a modern IT solution to increase its business productivity and improve collaboration, both within the company and externally. Its response to this challenge was to replace most of its previous services with Microsoft […]

  • Picture from the back of a person attending a Teams meeting with 2 colleagues, discussing about a furniture fabric.

    Zuiver: Supporting both business and culture through technology

    “Since moving to the cloud, there are no limitations anymore. And I’m certain without this technology, we would not have seen the growth we have today.” Jaap Landsaat, CFO and Head of IT at Dutch furniture designer Zuiver, is talking about the profound impact technology has had on the business he co-founded more than 20 years ago. “Back then, we had 100 orders a week […]

Discover more related articles per dossier:

Customer Stories

  • a group of people performing on stage in front of a crowd

    City of Liège: Facilitating decision making in difficult times

    For many organizations, social-distancing measures brought about by COVID-19 have drastically slowed day-to-day operations – and for some, even stopped them altogether. But for local governments across Europe, like the Belgian city of Liège, slowing down hasn’t been an option.  From supporting citizens and businesses to protecting frontline workers, Liège city had to quickly provide stability during this crisis and ensure important decisions could still be made in a democratic […]

Digital Transformation

Security & Privacy

Tips

  • a group of people sitting at a table

    A single collaboration hub to help sales soar

    Do you know Microsoft’s secret to sales success? Collaboration. It’s at the heart of its culture and solutions. Today, companies investing in teamwork are five times more likely to be high-performing, so collaboration could be the difference between profit and loss. When compared to five years ago, an average information worker spends 50% more time […]