Audits strengthen business operations, yet many organizations are fearful of the process, rather than seeing the benefits of audits. In this webinar, you get better insights in the auditing process and how you can use audits to strenghten and mature your overall risk programme.
Assume breach, Microsoft’s approach and experience on Cloud Security – Webinar 15 June 2020
15 June 2020 – Cyber Security Coalition
In their third webinar, the Cyber Security Coalition Cloud Security Focus Group had Bart Asnot (Technical Solutions Professional – Security Microsoft) explain how Microsoft looks at cloud security.
Main focus of the presentation was on Microsoft’s ‘Prevent Breach’ and ‘Assume Breach’ philosophies, both preparing for cloud security. ‘Prevent Breach’ we’re all familiar with as its goal is to keep the bad guys out. It is being realized by e.g. code reviews, security testing and techniques alike. ‘Assume Breach’, however, focusses on the preparation of your environment, people, processes and technologies to detect actual attacks and penetrations. By identifying and addressing gaps in all of these you will be able to better detect, respond and recover from attacks and penetrations.
To secure their cloud journey Microsoft adapted the Zero Trust model. Depending on the information you want to access, a specific level of trust is required before access can be granted. By evaluating the user identity requesting access, the device used to do so and the information that is to be accessed, the organizational policy decides if access can be granted and which security policy is to be enforced.
To top things off a demo illustrated some of the use cases mentioned.
Other blog posts
This webinar focuses on the context of information security through governance, more particularly on the key role of the CISO and the value of COBIT as a digital governance framework for information security activities supported by the presentation of a best practice.
This webinar presents the building blocks of an effective organization-wide risk management and explains the requirements for IT risk management certification.
In this Cyber Talk you gain insights in advanced threats outside your organisation and what you could potentially do to protect you from them.
In this first webinar of the GRC: Be Connected! series, some very basic aspects of cyber security are treated: how to manage necessary skills, what about frameworks, where to find knowledge.