a close up of a logo

Five things we learnt from the Security and Compliance Summit

Sian  John

Sian John

Chief Security Advisor

Read Time, 3 min.

On November 4th 2020, Microsoft Western Europe hosted its first Security and Compliance Summit.

Experts and Security Blackbelts from across Microsoft, including the Detection and Response Team and the Digital Crimes Unit, came together virtually to share perspectives on the latest security, compliance and privacy challenges that seek to compromise the modern workplace – a topic of growing importance as organizations across the world recover from disruption and adjust to a new normal.

Hosted by Sian John MBE, Microsoft’s EMEA Director of Cybersecurity Strategy, the Security Summit explored the crucial issues organizations and security professionals face today, looking at emerging trends in cybersecurity, securing a workforce in a remote working world, insider risks and how to manage them, and so much more.

Below are just some of the key takeaways from the event. And you can watch all the sessions from the summit on demand here.

1. Security and compliance are a shared responsibility

As a business and an employer, there is a responsibility to know exactly what happens to your data – where it is, why you have it, and who can access it, as well as the potential consequences if there is a breach.

Remote work adds a level of complexity – employees may be using personal devices and unsecure applications beyond the trusted network perimeters. That’s why knowledge is key, to understand the risk, the potential impact of a compromise, and how to avoid it.

Technology can ensure controls are in place and make the necessary risk assessments, but it’s a joint responsibility to make sure your organization remains compliant.

2. Security starts with identity

Over recent years there has been a shift in the security mindset, from a network mentality (assuming an individual is secure because they’re in the four walls of a trusted network) to identity – securing organizations and controlling access based on the individual.

It’s important this is done in a way that doesn’t limit an employee’s usability or productivity. Multi-Factor Authentication is a good place to start – the single, most impactful tool to protect against account compromise, while still giving employees seamless access to all apps with single sign-on, from any location or device.

3. Automation can help to minimize ‘alert fatigue’

At the Summit, Simon Gardiner from Microsoft’s Detection and Response Team (DART) encouraged security professionals to be honest about their capacity, and to say when they’re feeling stressed. In reality, monitoring and protecting an organization from security incidents is not an easy task; it takes unparalleled attention, commitment and sometimes availability around the clock.

Technology and automation can play a significant role in reducing this pressure on security teams. If you’ve noticed something abnormal once or twice, leverage automation so that the third time it happens it’s reported, instead of hunted for. Automation frees humans up to do what technology cannot – act with intuition.

4. A new security mindset demands a culture change

Security and compliance doesn’t just impact the team who put the controls in place, it impacts every employee and every output. Security should be viewed as a power shift for a business, and this requires dedicated change management.

Roger Halbheer, Chief Security Advisor at Microsoft, highlighted an interesting perspective about breaking down silos: ‘When you start to align to the business, you start to judge success of the security consultants by business project success’.

5. Complexity is the biggest barrier to security

Before going into deploying advanced measures, it’s crucially important to master the basics. As outlined by Simon Gardiner, enable Multi-Factor Authentication, make sure your VPN solutions are protected, look at when your back-up was last online and tested.

Sandra Elvin and Jim Eckart, recent executive hires and previous CSOs at H&M and Coca-Cola respectively, agreed simplification can strengthen an organization’s security posture. The more security solutions implemented, the harder they become to orchestrate, and a fully-integrated technology stack can ensure that nothing falls through the gaps.

Watch the full summit on demand here.

 

Safeguarding digital privacy

Discover the 5 ways to increase trust and empower people in our latest eBook, Safeguarding digital privacy

Discover more related articles per industry:

Education

Government

  • a man and two women standing in front of a brick building

    Ajuntament de Lleida: transforming the public sector with a modern, virtual workplace

    “At Ajuntament de Lleida, we think differently. We embrace new technology. And when we see that it could add real value to the work we do, we find a way to make it happen.” Carles GinéSabaté, Systems Implementation Planning Manager at Ajuntament de Lleida, is reflecting on his organization’s open-armed approach to digital transformation and […]

  • Iceland runs on Trust

    How the cloud helped a small nation realise big ambitions

    In December 2015, the Icelandic government kicked off a digital infrastructure review. With more than 100 different suppliers managed by over 100 IT managers in each public institution, the brief was clear; to simplify operations and streamline IT for over 20,000 users. The solution: Fast forward two and a half years, and a decision was […]

Healthcare

  • a person sitting in front of a laptop computer

    The ‘Big Bang’ approach to digital transformation – and how to make it work

    These days there’s no such thing as ‘business as usual’. Change and disruption are the new normal. Just think of the changes affecting your organization right now, with new technology and techniques driving new attitudes and expectations from employees and customers alike. Everything is changing. And the one thing all those changes have in common […]

  • logo

    Why trust is the essential ingredient in healthcare digital transformation.

    My phone had scarcely stopped ringing for weeks. Now it was ringing again. “Veronica,” said the voice at the other end, “we have an idea!” Immediately, I recognized who it was. I’ve known Carlo Tacchetti for almost as long as I’ve been at Microsoft. He’s a professor at the Vita-Salute San Raffaele University and the […]

Manufacturing

  • Etex

    Etex uses modern tools to unite its business and better focus on customers

    When it comes to construction, all components must come together in a timely manner in order to produce the optimum product. While Etex, a Belgian building solution manufacturing company, helps make this a reality on a day-to-day basis, it wanted to find a way to enhance productivity and collaboration internally. With locations across more than […]

  • Mais on a sunny day

    COFCO International: How cloud technologies ensured business continuity during challenging times

    “I have worked at COFCO for 12 years, always in an office. But I have spent the last 63 days working from home.” Marcus Seelbach, Chief HR Officer at global agribusiness COFCO International, is talking from his home via video call about the transition he and all his colleagues have undergone since COVID-19 led to the closure of the company’s offices worldwide. “But thanks to the preparation and […]

Retail

Discover more related articles per dossier:

Customer Stories

  • a person sitting in front of a laptop computer

    The ‘Big Bang’ approach to digital transformation – and how to make it work

    These days there’s no such thing as ‘business as usual’. Change and disruption are the new normal. Just think of the changes affecting your organization right now, with new technology and techniques driving new attitudes and expectations from employees and customers alike. Everything is changing. And the one thing all those changes have in common […]

Digital Transformation

  • Two female nurses having a virtual conversation through Microsoft Teams

    Belfast Trust: Reimagining patient care

    “There have been many heroic actions by our staff but we’re not heroes for what we’ve done – I’m just glad we could do our bit to help.” Paul Duffy, Co-Director of IT and Telecommunications at Belfast Trust, is talking about the monumental impact COVID-19 has had on the healthcare sector and how virtual consultations […]

Security & Privacy

Tips

  • a person sitting at a table using a laptop

    How to run the most successful and secure meetings with Microsoft Teams

    With so many people now working from home, it’s more important than ever to hone our remote working skills and stay productive. We have seen a huge spike in the number of people successfully and securely working together via Microsoft Teams. But whether you are brand new to the tool, or already conduct your meetings on Teams, […]