Digital safety periods at Microsoft Ignite to arrange you for the period of AI

1000’s of safety professionals will be part of us for Microsoft Ignite 2023 from November 14 to 17, 2023, the place we’ll share the best way to embrace the AI period confidently, with safety for folks, knowledge, units, and apps that extends throughout clouds and platforms. With greater than 45 safety periods, there are numerous thrilling keynotes, breakouts, and demonstrations to fill your time. That will help you navigate the Microsoft Safety expertise at Microsoft Ignite, we’ve put collectively a information of featured periods for safety professionals of all ranges, whether or not you’re attending in individual or on-line.  

Whereas our in-person tickets have offered out, registration for the digital occasion continues to be obtainable to take part within the Microsoft Safety expertise at Microsoft Ignite, which incorporates periods on safety methods and sensible functions. In each tracks,​ you’ll be taught concerning the newest improvements and implementation methods from Microsoft Safety throughout complete safety, unified visibility, and Microsoft Safety Copilot. Preserve studying this weblog submit for concepts on keynotes, breakout periods, and discussions to take a look at. Register to browse our session catalog and bookmark periods you’d prefer to attend.

Catch the information highlights throughout our keynote

Our announcement-packed keynote from Charlie Bell, Govt Vice President, Microsoft Safety, and Vasu Jakkal, Company Vice President, Safety, Compliance, Id, and Administration, Microsoft, might be highlighted on Day 2 of Microsoft Ignite. Don’t miss insights from them throughout their keynote, “The Future of Security with AI.” They are going to share how Microsoft is delivering AI for safety with Microsoft Security Copilot, and the way we allow organizations to safe and govern AI with new capabilities. This new period of AI affords unprecedented alternatives to raise human potential but additionally challenges organizations with unknowns and dangers.

Register for Microsoft Ignite Security sessions

Be taught safety methods for as we speak’s and tomorrow’s challenges 

Our cybersecurity technique periods are centered on equipping you to leverage AI and Microsoft Safety options to strengthen your risk protection technique. Be part of these periods to take your methods to the following stage throughout identification safety, code-to-cloud approaches, business finest practices for AI, and the newest learnings in risk intelligence.   

Technique periods to contemplate becoming a member of embrace:

  • How we secure the Microsoft estate (BRK291H: in-person and on-line): Be part of a hearth chat with Bret Arsenault, Company Vice President and Chief Info Safety Officer, on Microsoft’s strategy to safety and the way Microsoft plans to adapt because the business continues to embrace the brand new period of AI.
  • Boosting ID Protection Amid Sophisticated Attacks (BRK294H: in-person and on-line): Alex Weinert, Vice President, Id Safety, and Mia Reyes, Director, Foundational Safety—Cybersecurity, will supply a deep dive into the escalating panorama of cyberthreats focusing on digital identities amid the evolving tech realms of the Web of Issues, operational expertise, and hybrid workspaces. Study innovation in automated key administration and {Hardware} Safety Modules for fortified key storage, essential in mitigating human errors and bolstering defenses in opposition to refined aggressors.
  • This Year In Threats: Tales From Microsoft’s Global Fight Against APTs” (BRK299: in-person solely): Sherrod DeGrippo, Director of Risk Intelligence, and John Lambert, Company Vice President, Distinguished Engineer, Microsoft Safety Analysis, will talk about how Microsoft defends prospects on the nexus of the cyber and bodily worlds and the way they’ll be part of our international alliance to assist in giving unhealthy actors nowhere to cover. This 12 months, Microsoft Risk Intelligence stood with its companions on the forefront of the worldwide response to probably the most impactful threats and incidents. On this session, look again on the risk actors and campaigns that outlined 2023 and listen to our consultants inform their favourite tales from the entrance line.
  • Secure access in the AI era: What’s new in Microsoft Entra (BRK297H: in-person and on-line): Jade D’Souza, Product Supervisor; John Savill, Cloud Answer Architect; and Pleasure Chik, President, Id and Community Entry, will supply particulars on improvements for Microsoft Entra ID (previously Azure Lively Listing) that may enable you to robotically forestall identification compromise, implement granular entry insurance policies, govern permissions, and leverage AI to safe entry for anybody to something from wherever. This demo-centric session will observe an worker as they onboard, entry sources, and collaborate.
  • Unifying XDR + SIEM: A new era in SecOps” (BRK293H: in-person and on-line): Preeti Krishna, Principal Product Supervisor, and Rob Lefferts, Company Vice President, Microsoft Risk Safety, will supply insights on how the newest improvements in generative AI, computerized assault disruption, embedded risk intelligence, decoy property, a reimagined consumer interface, and cloud posture administration capabilities will supercharge your risk detection, response, and protection.
  • Secure and govern your data in the era of AI” (BRK296H: in-person and on-line): Erin Miyake, Principal Product Supervisor; Herain Oberoi, Advertising Chief; Tina Ying, Senior Product Advertising Supervisor, Insider Danger Administration; and Rudra Mitra, Company Vice President, Microsoft Information Safety and Compliance, will reveal how Microsoft Purview’s complete strategy to knowledge safety, compliance, and privateness helps empower organizations to guard and govern their knowledge.
  • Security for AI: Prepare, protect, and defend in the AI era” (BRK298H: in-person and on-line): Douglas Santos, Senior Product Supervisor; Maithili Dandige, Associate Group Program Supervisor, Microsoft 365 Safety and Compliance; and Shilpa Bothra, Senior Product Advertising Supervisor, will talk about the significance of stopping delicate knowledge leaks in AI as third-party AI apps develop exponentially and hackers proceed to launch adversarial assaults utilizing generative AI. Depart this session with a stable protection and methods to safe knowledge as you work together with AI utilizing Microsoft’s complete safety suite.

Achieve sensible functions with in-depth product views

When strategizing a safety strategy, expertise options play a vital position. That will help you turn into an professional on safety options and implement new options inside your group, Microsoft Ignite will embrace periods exploring the use instances of Microsoft options, together with Safety Copilot, Microsoft Entra, Microsoft Purview, and Microsoft Intune.

Sensible utility periods to contemplate becoming a member of embrace:

  • Boost multicloud security with a comprehensive code to cloud strategy” (BRK261H: in-person and on-line): Safeena Begum, Principal Product Supervisor, and Yuri Diogenes, Principal Product Supervisor, will discuss how Microsoft Defender for Cloud may also help you fortify your defenses and improve your incident response technique with cloud safety graphic insights and tailor-made analytics from Defender for Cloud workload safety plans.
  • Fortified security and simplicity come together with Microsoft Intune” (BRK263H: in-person and on-line): Archana Devi Sunder Rajan, Associate Group Product Supervisor, Microsoft Intune; Dilip Radhakrishnan, Associate Group Product Supervisor, Microsoft Intune; Jason Roszak, Chief Product Officer, Microsoft Intune; and Sangeetha Visweswaran, Associate Director of Engineering, will talk about how the following era of endpoint administration and safety capabilities from Microsoft Intune assist remodel safety and IT operations. Learn to simplify app updates, reduce the price of public key infrastructure lifecycle administration, mitigate dangers with AI-derived insights, and unencumber sources by automating IT workflows.
  • Modern management innovation shaping endpoint security (BRK295H: in-person and on-line): Jeff Pinkston, Director of Engineering; Ramya Chitrakar, Company Vice President, Intune Engineering; and Steve Dispensa, Company Vice President, will discover the best way to defend in opposition to the evolving sophistication of cyberthreats whereas guaranteeing a productive workforce. The most recent wave of Microsoft Intune innovation can form your defense-in-depth technique for a safe and productive finish consumer computing property.
  • Beyond traditional DLP: Comprehensive and AI-powered data security” (BRK262H: in-person and on-line): Maithili Dandige, Shilpa Bothra, and Talhah Mir, Product Supervisor, will share how AI-powered Microsoft Purview Info Safety and Microsoft Purview Insider Danger Administration can remodel your knowledge loss prevention (DLP) program, enabling Adaptive Safety and fortifying your knowledge safety posture. Additionally, you will hear about new options that improve incident response and increase endpoint protection and achieve insights on the best way to improve their knowledge safety methods.
  • How Microsoft Purview helps you protect your data” (OD07: on-line solely): Anna Chiang, Senior Product Advertising Supervisor, and Tony Themelis, Principal Product Supervisor, will discover organizational paradoxes and the way Microsoft Purview may also help strengthen your knowledge safety posture. They may also reveal how our newest AI-powered and contextual classifiers can establish delicate commerce secrets and techniques, personally identifiable info, and extra in seconds throughout your digital property.
  • Effortless application migration using Microsoft Entra ID” (OD03: on-line solely): David Gregory, Director of Product Advertising, Id Compete, will share how our newly proposed device provides a one-click configuration to combine functions into Microsoft Entra ID. Throughout this on-demand session, we’ll present an outline of how our device affords a guided expertise to seamlessly facilitate the migration of your functions from Lively Listing Federation Companies to Microsoft Entra ID.
  • Bringing Passkey into your Passwordless journey” (OD02: on-line solely): Calvin Lui, Product Supervisor; Erik Dauner, Senior Program Supervisor; and Mayur Santani, Product Supervisor, stroll you thru the background of the place passkeys got here from, their influence on the passwordless ecosystem, and the product options and roadmap bringing passkeys into the Microsoft Entra passwordless portfolio and phishing-resistant technique.
  • The power of Microsoft’s XDR: they attempted, we disrupted” (BRK265H: in-person and on-line): Dustin Duran, Director of Safety Analysis, and Kim Kischel, Director of Product Advertising—XDR, will talk about Microsoft 365 Defender’s computerized assault disruption expertise and provide you with a transparent understanding of assault disruption and the way it’s offering instant worth to prospects in the actual world as we speak.
  • Making end-to-end security real (BRK267H: in-person and on-line): Mark Simos, Lead Cybersecurity Architect, and Sarah Younger, Senior Cloud Safety Advocate, will share fast wins that clear up real-world issues utilizing Microsoft’s built-in safety merchandise. This session will present you the best way to make progress on end-to-end safety throughout identification, safety operations, and extra.

Work together with the consultants

Microsoft Security Team experts participating at Microsoft Ignite 2023.

Deliver your questions on Microsoft options. Our consultants have solutions. Join with them throughout dwell discussions to be taught extra.

Alternatives to work together with the consultants embrace:

  • Windows 11, Windows 365, & Microsoft Intune Q&A” (DIS657H: in-person and on-line): Gabe Frost, Group Product Supervisor; Harjit Dhaliwal, Senior Product Advertising Supervisor; Jason Githens, Principal Group Product Supervisor; and Joe Lurie, Senior Product Supervisor, will take part in a collaborative query and reply session about the place we’re as we speak with Home windows 11 and gadget administration—and what it’s essential to propel your group and IT methods. We’ll shortly define just a few of the newest industrial enhancements, however the focus right here is in your ideas and questions.
  • Preventing loss of sensitive data: Microsoft Purview DLP Q&A” (DIS666H: in-person and on-line): Shekhar Palta, Principal Product Advertising Supervisor, and Shilpa Bothra will talk about Microsoft Purview DLP and the best way it may well forestall unintended or intentional lack of delicate knowledge throughout apps and units. Be part of us to debate how one can modernize your DLP and get began shortly, and find out how DLP works with Microsoft Defender merchandise.
  • Panel discussion: Resilient. Compliant. Secure by default” (DISFP375: on-line solely): Joye Purser, International Lead, Area Cybersecurity, Veritas Applied sciences; Saurabh Sensharma, Principal Product Supervisor, Microsoft; Simon Jelley, Normal Supervisor for SaaS Safety, Endpoint and Backup Govt, Veritas Applied sciences; and Tim Burlowski, Senior Director of Product Administration, Veritas Applied sciences, will talk about safety methods. Be part of Veritas consultants for an interactive query and reply on guaranteeing your cloud functions are resilient and your knowledge is protected, compliant, and recoverable when it issues most.

Socialize with us and your friends

As you’ve in all probability skilled your self at earlier conferences and enterprise networking occasions, a few of the finest concepts are sparked throughout conversations with different safety professionals. Get social and be part of us and your cybersecurity friends at two unimaginable networking occasions.

  • The Lounge at Microsoft Ignite: Positioned within the Hub on Stage 5 (Summit Conference Heart), the Lounge is the principle gathering space for group. The Lounge might be staffed by Microsoft full time workers and attending Most Helpful Professionals (MVPs) to supply steady query and reply alternatives.
  • Microsoft Ignite Safety After Get together: Community and join over drinks and appetizers on Wednesday, November 15, 2023, at The Collective. Companions, prospects, Microsoft MVPs, and Microsoft subject-matter consultants will combine and mingle. Register to reserve your spot.

Register as we speak for Microsoft Ignite

Be part of us on-line from wherever from November 15 to 16, 2023, to listen to main product bulletins, inspiring messages, and professional insights on the way forward for cybersecurity and Microsoft options. And in the event you’re not in a position to take part in any respect this 12 months, you possibly can nonetheless try loads of session content material, product bulletins, and keynotes after Microsoft Ignite wraps up. Will probably be obtainable on demand after the occasion. Reserve your spot today. Hope you possibly can be part of us!

Be part of the Safety Tech Accelerator

We’re additionally having a Tech Accelerator occasion on Wednesday, December 6, 2023. Ask questions concerning the newest product bulletins from Ignite and join together with your safety friends at this digital skilling occasion hosted on the Safety Tech Neighborhood—register today.

Be taught extra

To be taught extra about Microsoft Safety options, go to our website. Bookmark the Security blog to maintain up with our professional protection on safety issues. Additionally, observe us on LinkedIn (Microsoft Security) and X (previously often known as Twitter) (@MSFTSecurity) for the newest information and updates on cybersecurity.

Microsoft Entra expands into Security Service Edge and Azure AD becomes Microsoft Entra ID

By Joy Chik, President, Identity & Network Access

A year ago when we announced the Microsoft Entra product family, we asked what the world could achieve if we had trust in every digital experience and interaction.1 This question inspired us to offer a vision for securing the millions and millions of connections that happen every second between people, machines, apps, and devices that access and share data.

Protecting identities and access is critical. As our work and lives become increasingly digital, cyberattacks are becoming more frequent and more sophisticated, affecting organizations of every size, in every industry, and in every part of the world. In the last 12 months, we saw an average of more than 4,000 password attacks per second, an almost threefold increase from the 1,287 attacks per second we saw the previous year.2 We’re also seeing far more sophisticated attacks, including ones that manage to evade critical defenses, such as multifactor authentication, to steal access tokens, impersonate a rightful user, and gain access to critical data.

https://www.microsoft.com/en-us/videoplayer/embed/RW16VoB

To help organizations protect their ever-evolving digital estates, we’ve been expanding beyond managing directories and authenticating users to securing and governing access for any identity to any app or resource. Today, we’re thrilled to announce the next milestone in our vision of making it easy to secure access with two new products: Microsoft Entra Internet Access and Microsoft Entra Private Access. We’re adding these capabilities to help organizations instill trust, not only in their digital experiences and services but in every digital interaction that powers them.

Secure access to any app or resource, from anywhere

Flexible work arrangements and the resulting increase in cloud workloads are straining traditional corporate networks and legacy network security approaches. Using VPNs to backhaul traffic to the legacy network security stack weakens security posture and damages the user experience while using siloed solutions and access policies leaves security gaps.

Microsoft Entra Internet Access is an identity-centric Secure Web Gateway that protects access to internet, software as a service (SaaS), and Microsoft 365 apps and resources. It extends Conditional Access policies with network conditions to protect against malicious internet traffic and other threats from the open internet. For Microsoft 365 environments, it enables best-in-class security and visibility, along with faster and more seamless access to Microsoft 365 apps, so you can boost productivity for any user, anywhere. Microsoft 365 scenarios in Microsoft Entra Internet Access are in preview today, and you can sign up for the preview of capabilities for all internet traffic and SaaS apps and resources that will be available later this year.

Microsoft Entra Private Access is an identity-centric Zero Trust Network Access that secures access to private apps and resources. Now any user, wherever they are, can quickly and easily connect to private apps—across hybrid and multicloud environments, private networks, and data centers—from any device and any network. Now in preview, Microsoft Entra Private Access reduces operational complexity and cost by replacing legacy VPNs and offers more granular security. You can apply Conditional Access to individual applications, and enforce multifactor authentication, device compliance, and other controls to any legacy application without changing those applications.

Together, Internet Access and Private Access, coupled with Microsoft Defender for Cloud Apps, our SaaS security-focused cloud access security broker, comprise Microsoft’s Security Service Edge (SSE) solution. We’ll continue to evolve our SSE solution as an open platform that delivers the flexibility of choice between solutions from Microsoft and our partners. Pricing for Microsoft Entra Internet Access and Microsoft Entra Private Access will be available when those products reach general availability.

Graphic showing the Microsoft security service edge ecosystem. It illustrates how you can secure access to any app or resource, from anywhere.

Figure 1. Microsoft’s Security Service Edge (SSE) solution.

Neither identity nor network security alone can protect the breadth of access points and scenarios that modern organizations require. That’s why, as cyberattacks get more sophisticated, we’re adding identity-centric network access to our cloud identity solutions. We’re converging controls for identity and network access so you can create unified Conditional Access policies that extend all protections and governance to all identities and resources. With a single place to safeguard and verify identities, manage permissions, and enforce intelligent access policies, protecting your digital estate has never been easier.

Microsoft Azure Active Directory is becoming Microsoft Entra ID

When we introduced Microsoft Entra in May of 2022, it included three products: Microsoft Azure Active Directory (Azure AD), Microsoft Entra Permissions Management, and Microsoft Entra Verified ID.1 We later expanded the Microsoft Entra family with Microsoft Entra ID Governance and Microsoft Entra Workload ID.3 Today, Microsoft Entra protects any identity and secures access to any resource—on-premises, across clouds, and anywhere in between—with a product family that unifies multicloud identity and network access solutions.

To simplify our product naming and unify our product family, we’re changing the name of Azure AD to Microsoft Entra ID. Capabilities and licensing plans, sign-in URLs, and APIs remain unchanged, and all existing deployments, configurations, and integrations will continue to work as before. Starting today, you’ll see notifications in the administrator portal, on our websites, in documentation, and in other places where you may interact with Azure AD. We’ll complete the name change from Azure AD to Microsoft Entra ID by the end of 2023. No action is needed from you.

Chart outlining all the product name changes that come with the renaming of Azure AD to Microsoft Entra ID.

Figure 2. With the name change to Microsoft Entra ID, the standalone license names are changing. Azure AD Free becomes Microsoft Entra ID Free. Azure AD Premium P1 becomes Microsoft Entra ID P1. Azure AD Premium P2 becomes Microsoft Entra ID P2. And our product for customer identities, Azure AD External Identities, becomes Microsoft Entra External ID. SKU and service plan name changes take effect on October 1, 2023.

More innovations in Microsoft Entra

Today we’d also like to highlight other innovations in the Microsoft Entra portfolio that strengthen defenses against attackers who are becoming more adept at exploiting identity-related vulnerabilities such as weak credentials, misconfigurations, and excessive access permissions.

Prevent identity takeover in real time

Several exciting changes to Microsoft Entra ID Protection (currently Azure AD Identity Protection) help IT and identity practitioners prevent account compromise. Instead of reactively revoking access based on stale data, ID Protection uses the power of advanced machine learning to identify sign-in anomalies and anomalous user behavior and then block, challenge, or limit access in real time. For example, it may trigger a risk-based Conditional Access policy that requires high-assurance and phishing-resistant authentication methods for accessing sensitive resources.

A new dashboard demonstrates the impact of the identity protections that organizations deploy with a comprehensive snapshot of prevented identity attacks and the most common attack patterns. On the dashboard, you can view simple metric cards and attack graphs that show risk origins, security posture over time, types of current attacks, as well as recommendations based on risk exposure, while highlighting the business impact of enforced controls. With these insights, you can further investigate your organization’s security posture in additional tools and applications for enhanced recommendations.

New Microsoft Entra ID Protection dashboard showing likely attacks and recommendations.

Figure 3. New Microsoft Entra ID Protection dashboard.

Automate access governance

An important part of securing access for any identity to any app is ensuring that only the right identities have the right access at the right time. Some organizations only realize they need to take this approach when they fail a security audit. Microsoft Entra ID Governance, now generally available, is a complete identity governance solution that helps you comply with organizational and regulatory security requirements while increasing employee productivity through real-time, self-service, and workflow-based app entitlements.4

ID Governance automates the employee identity lifecycle to reduce manual work for IT and provides machine learning-based insights about identities and app entitlements. Because it’s cloud-delivered, it scales to complex cloud and hybrid environments, unlike traditional on-premises identity governance point solutions. It supports cloud and on-premises apps from any provider, as well as custom-built apps hosted in the public cloud or on-premises. Our global system integrator partners—including Edgile, a Wipro company, EY, KPMG, and PwC—started helping with the planning and deployment of ID Governance on July 1, 2023.

New Microsoft Entra ID Governance dashboard showing governance posture and recommendations.

Figure 4. New Microsoft Entra ID Governance dashboard.

Personalize and secure access to any application for customers and partners

As we announced at Microsoft Build 2023, new developer-centric capabilities in Microsoft Entra External ID are now in preview. External ID is an integrated identity solution for external users, including customers, patients, citizens, guests, partners, and suppliers. It offers rich customization options, Conditional Access, identity protection, and support for social identity providers. Using our comprehensive developer tools, even those developers who have little to no identity experience can create personalized sign-in and sign-up experiences for their applications within minutes.

Simplify identity verification with Microsoft Entra Verified ID

Since we announced the general availability of Microsoft Entra Verified ID last summer, organizations around the world have been reinventing business processes, such as new employee onboarding, around this new, simpler way of verifying someone’s identity.5 For example, we recently announced that millions of LinkedIn members will be able to verify their place of work using a Verified ID credential.6 At the 2023 Microsoft Build event, we launched the Microsoft Entra Verified ID SDK so that developers can quickly add a secure digital wallet to any mobile application. The app can then store and verify a wide range of digital ID cards.

Microsoft Entra: Secure access for a connected world

You can see our expanded Microsoft Entra product family in Figure 5. Visit the Microsoft Entra website to learn more.

Microsoft Entra family of identity and network access products.

Figure 5. The Microsoft Entra family of identity and network access products.

We’re committed to building a more secure world for all and making life harder for threat actors, easier for admins, and more secure for every user. As part of that commitment, we’ll keep expanding Microsoft Entra to provide the broadest possible coverage along with a flexible and agile model where people, organizations, apps, and even smart things can confidently make real-time access decisions.

Encourage your technical teams to dive deeper into these announcements by attending the Tech Accelerator event on July 20, 2023, on the Microsoft Tech Community.

Microsoft Entra

Meet the family of multicloud identity and access products.

Learn more 

a man looking at the camera

Learn more

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.


1Secure access for a connected world—meet Microsoft Entra, Joy Chik and Vasu Jakkal. May 31, 2022.

2Microsoft internal data.

3Do more with less—Discover the latest Microsoft Entra innovations, Joy Chik. October 19, 2022.

4Microsoft Entra ID Governance is generally available, Joseph Dadzie. June 7, 2023.

5Microsoft Entra Verified ID now generally available, Ankur Patel. August 8, 2022.

6LinkedIn and Microsoft Entra introduce a new way to verify your workplace, Joy Chik. April 12, 2023.

New Microsoft identity and data security capabilities to accelerate CMMC compliance for the Defense Industrial Base

By Steve Faehl, Federal Security Chief Technology Officer, Microsoft

As Department of Defense (DoD) Chief Information Officer Hon. John Sherman said recently, Cybersecurity Maturity Model Certification (CMMC) is necessary to ensure that the United States raises the bar for protecting sensitive information.1 The DoD is leading by example towards this goal by implementing Zero Trust practices and introducing CMMC to strengthen the supply chain throughout the Defense Industrial Base (DIB) because shared information is only as secure as the weakest link.2

The DIB as a whole has been making progress toward improving its security posture, but it can still be challenging to prepare for the required full third-party audit—especially for small and medium-sized businesses (SMBs).3 While some DIB organizations may be well-positioned to pass a Third-Party Assessment Organization (3PAO) audit, it’s important for all DIB organizations to achieve CMMC compliance to realize the objective.

Microsoft is introducing new capabilities in Microsoft Entra ID and Microsoft Purview that support CMMC compliance while also helping DIB organizations accelerate their Zero Trust journeys. Identity and data protection are central to compliance, security, and empowering more user productivity and collaboration.

Voluntary self-assessment? Why would we do that?

Although CMMC 2.0 is still in its early stages, DIB companies should move ahead with meeting today’s CMMC requirements, including undergoing voluntary assessments. Doing so helps bolster national security while also preparing companies for future DoD compliance requirements.

One of the callouts from the National Cybersecurity Strategy is that those that can do more, should. Microsoft affirmed this principle by signing up for CMMC voluntary assessment effort, where we earned a perfect 110-point score. This validation demonstrates that Microsoft Azure Government and Microsoft 365 GCC High services can be effectively used to help DIB members accelerate their compliance.

Microsoft is taking the opportunity to share lessons learned and best practices that can inform planning within the DIB. Adopting Microsoft 365 GCC High and Azure Government as starting points allows organizations to use familiar Microsoft 365 productivity tools and Microsoft Azure Cloud Services while accelerating their compliance journey. As a primary platform for collaboration, Microsoft 365 also satisfies controls beyond the cloud; its configuration is a well-documented path to compliance with the National Institute of Standards and Technology (NIST) SP 800-171 controls.

We have recently developed capabilities and guidance for identity, data, and device protection that can help DIB members achieve and measure progress on compliance faster and more effectively.

The benefits of utilizing cloud identity

CMMC encompasses 72 practices across 13 domains, so the ability to address them holistically through Microsoft Entra ID delivers huge advantages in terms of time, resources, and visibility. Identity provides a strong starting point for CMMC 2.0 compliance given its ability to address multiple domains in CMMC 2.0 Levels 1-3.

AZURE ACTIVE DIRECTORY IS BECOMING MICROSOFT ENTRA IDLearn more 

Microsoft Entra ID is unique in providing elevated security, increased collaboration, and a better user experience. The newest features of Microsoft Entra ID make passwordless authentication easier and establishes trust through the cloud for business-to-business (B2B) collaboration, which are some of the ways Microsoft Entra ID helps enable CMMC compliance while also making users more productive and increasing teamwork within and across secure environments.

Identity empowers Zero Trust

CMMC documents several key identity components and controls critical to achieving security transformation with Zero Trust. Getting these aspects right from the start can enable a faster path to success across the other Zero Trust pillars.

One example is the utilization of a centralized identity management system which is also a requirement of Executive Order (EO) 14028. While smaller organizations are at a disadvantage for CMMC in some ways, this is one area in which SMBs can often be more agile. There are simple changes any organization can make to rapidly mature its posture—including implementing some of the best practices and prescriptive CMMC identity guidance published by Microsoft.

Strong authentication is pivotal for achieving higher levels of CMMC compliance. However, relying solely on the strongest authentication method available may be inflexible and at times hinder user productivity. Having multiple authentication methods offers users greater flexibility while enhancing their productivity. A new option in Microsoft Entra ID offers the strongest authentication option available by default, allowing organizations to safely direct users toward higher security measures.

There’s more than one way to approach user challenges. Organizations can take advantage of Microsoft Authenticator’s easy access to strong authentication tools. However, we also support tools from partners such as Yubico. This provides a variety of ways for DIB members to perform authentication, which we can then map to the appropriate level of assurance.

Secure sensitive data with a platform approach

Another goal of CMMC 2.0 is safeguarding sensitive information, such as Controlled Unclassified Information (CUI) and Federal Contract Information (FCI), which includes many categories of data such as personal records or contract information for sensitive projects. When this data is put at risk, it can have significant consequences for national security.

Microsoft’s data security platform, Microsoft Purview, can help government agencies identify and locate their data, detect data security risks, and prevent data loss across clouds, apps, and devices. Recently, Microsoft announced more than 25 new features for government and commercial customers to help them get ahead of potential security incidents, such as data leaks and theft, along with the availability of additional logs to enhance security monitoring and incident response. Data protection is supported by three key products within the Microsoft Purview family:

  1. CMMC requires organizations to implement specific security controls and practices based on the sensitivity of the data they handle, so information protection is essential. Microsoft Purview Information Protection enables customers to classify data, protect it through encryption, and gain visibility into sensitive data. It can also help government organizations discover, classify, and protect data using built-in and ready-to-use advanced classifiers, which include sensitive information types (SITs) that can identify personal information such as credit card numbers, addresses, and medical conditions. More complex data types and scenarios can utilize custom AI classifiers that can be easily trained from sample data.
  2. Falling under the CMMC Audit and Accountability domain, insider risk can be a significant challenge for organizations. According to a report by the Insider Threat Defense Group, insider risks accounted for 33 percent of all data breaches in the public sector.4 Microsoft Purview Insider Risk Management helps customers uncover elusive insider risks through multiple machine learning models with intelligent detection and analysis capabilities.
  3. Under CMMC, data loss prevention (DLP) solutions are a critical part of preventing the unauthorized transfer and use of data, as well as data exfiltration. Microsoft Purview Data Loss Prevention (DLP) acts as an integrated and extensible offering that allows organizations to manage their DLP policies from a single location.
Chart showing the Microsoft Partner Ecosystem categories of Information Protection, Inspire Risk Management, and Data Loss Prevention.

Each of these three solutions integrates seamlessly to enable agencies to fortify data security with a defense-in-depth approach—all while facilitating easier CMMC compliance.

Additionally, Compliance Manager provides CMMC assessment templates to help organizations assess their compliance posture against CMMC in a comprehensive control-by-control way. Regulations are added to Compliance Manager as new laws and regulations are enacted and can be used to help organizations meet national, regional, and industry-specific requirements governing the collection and use of data.

Go-forward guidance for DIB organizations

While the final rules under CMMC 2.0 have not yet been published, we do know that the underlying technical controls will continue to be based on NIST 800-171. For DIB members, having a trusted platform that has gone through accreditation requirements itself is a great starting point. Beyond a trusted platform adoption, DIB organizations can also follow the guidelines for secure configuration that we provide.

As we continue down this path with the adoption of CMMC 2.0, there will be more guidance that we can bring to the table with lessons learned from our own voluntary audit. The successful audit also provides evidence that Microsoft can accept the flow-down terms applicable to cloud service providers.

Compliance capability built for every DIB organization

Microsoft platforms and tools, including Microsoft Entra ID, Microsoft Authenticator, and Microsoft Purview, can ease compliance for DIB organizations of different sizes and structures, particularly companies that may be resource-constrained.

New capabilities and enhancements built on Secure-by-Design and Secure-by-Default principles are making it easier for organizations to improve their security posture and meet CMMC requirements. Our goal behind compiling CMMC-specific guidance in a single place is to empower the entire DIB ecosystem to support more secure, effective interactions with the federal government.

Learn more

Learn more about Microsoft Entra ID and Microsoft Purview.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.


1DOD CIO Says CMMC 2.0 Coming Soon: ‘We Want to Get This Right’, Charles Lyon-Burt. May 17, 2023.

2Defense Primer: U.S. Defense Industrial Base, Congressional Research Service. April 17, 2023.

3CMMC: Managing digital risk for the Defense Industrial Base (DIB) and beyond, CyberAB.

4Insider Threat Report, Cybersecurity Insiders. 2020.

Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Wave™ report

Microsoft is proud to be recognized as a Leader in the Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report. At Microsoft, we understand modernizing security is a complex task in this era of ever-evolving cyberthreats and complex digital environments. Serious threats have necessitated a paradigm shift in how organizations protect their digital estates. That’s why Microsoft embraces an end-to-end Zero Trust architecture: a comprehensive approach to security that helps our customers effectively mitigate business risk in the era of hybrid and remote work.

Microsoft’s leadership

Zero Trust has become the industry standard for securing complex, highly distributed digital estates. And Microsoft is in a unique position to help customers with their security needs, as Microsoft delivers end-to-end cross-cloud, cross-platform security solutions, which integrate more than 50 different categories across security, compliance, identity, device management, and privacy, informed by more than 65 trillion threat signals we see each day. Microsoft is actively engaged with the National Institute of Standards and Technology (NIST), most recently providing public commentary for the NIST National Cybersecurity Center of Excellence (NCCoE) and participating in The Open Group where we co-chaired the Zero Trust Architecture (ZTE) forum. As we look to the future, Microsoft recognizes that customers are entering the era of AI. And by combining the principles of Zero Trust with the capabilities of AI, organizations will have the potential to create a formidable defense against modern cyberthreats. In this blog, we will explore Forrester’s latest evaluation of the Microsoft end-to-end Zero Trust architecture and what the future will hold by leveraging the power of AI.

Forrester Wave™: Zero Trust Platforms report

See why Forrester recognizes Microsoft as a Leader in Zero Trust.

Read the report 

Side view close-up of a man typing on his phone while standing behind a Microsoft Surface Studio.

Comprehensive end-to-end protection

Its Copilot theme carries over to a notable vision to provide end-to-end, step-by-step guidance for implementing ZT while leveraging AI. This means customer can take their ZT journey with Microsoft in lockstep.Forrester Wave™: Zero Trust Platforms, Q3 2023 report

We are proud that the Microsoft Zero Trust platform has been recognized as a Leader in the Forrester Wave™: Zero Trust Platforms, Q3 2023 report, which we believe demonstrates Microsoft’s strong track record for being a comprehensive end-to-end platform.

Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report

The Forrester Wave™ report evaluates Zero Trust platforms based on criteria that include network security, centralized management and usability, data security, device security, automation, orchestration, people, and identity security—along with both on-premises and cloud deployments. In the latest evaluation for Q3 2023, the Microsoft end-to-end Zero Trust architecture has demonstrated its excellence in these areas by being named a Leader in this inaugural Forrester Wave™ report evaluating Zero Trust Platform Providers. The Microsoft end-to-end Zero Trust model received the highest possible score in the following categories based on the Forrester analyst criteria: people and identity security, device security, enabling and protecting the hybrid workforce, data security, automation and orchestration, visibility, and analytics.

Zero Trust in the age of AI

In an era where AI is rapidly transforming how we work, its convergence with cybersecurity brings both immense opportunities and new challenges. Here’s why Zero Trust becomes even more crucial:

  1. Sophistication of threats: As cyberattacks have become more sophisticated and capable of evading traditional security measures, Zero Trust, with its emphasis on continuous verification, explicit verification, and least privileged access, offers a more effective defense against these advanced threats with or without AI capabilities.
  2. Data protection and privacy: AI relies on vast amounts of customers’ data to help the user be more productive, and safeguarding this data is paramount. Zero Trust’s data-centric approach ensures that access to sensitive data is highly controlled, mitigating the risk of unauthorized AI-driven breaches.
  3. Automated responses: AI-enabled security can provide rapid automated responses to threats. When integrated with Zero Trust, AI-driven responses become even more effective by improving alert fatigue, adapting access controls in real-time, minimizing damage, and containing potential breaches.

Looking to the future

Microsoft’s leadership in Zero Trust, as shown by the latest Forrester Wave™, highlights our commitment to continuously evolving cybersecurity to meet the security demands of the digital age. With AI becoming a cornerstone of modern threats and defenses, the Zero Trust principles of assume breach, least privileged access, and continual explicit verification are more crucial than ever. As organizations navigate the evolving landscape of cyberthreats, the synergy between Microsoft’s end-to-end Zero Trust strategy and the capability of AI provides a formidable defense mechanism that is both forward-looking and resilient.

For more information on this recognition, check out the full Forrester Wave™: Zero Trust Platforms, Q3 2023 report

Learn more


To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.


The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave™. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.

Forrester Wave™: Zero Trust Platform Providers, Q3 2023, Carlos Rivera and Heath Mullins, September 19th, 2023

New security features in Windows 11 protect users and empower IT

While attacks are getting more sophisticated, so are our defenses. With recent innovations like secured-core PCs that are 60 percent more resilient to malware than non-secured-core PCs,1 and the Microsoft Pluton Security Processor that adds more protection by isolating sensitive data like credentials and encryption keys, Windows 11 has elevated the security bar for all. Our goal is to protect organizations by simplifying security, building in stronger protections from the chip to the cloud.

From more secure and easy-to-use authentication with multifactor authentication to adding extra layers of protection for applications and data, we’ve simplified and enabled more security features by default than ever before with Windows 11. These features are designed to help stop attacks we’re seeing now as well the more sophisticated and targeted attacks that we expect to become more mainstream in the future. We have also begun to adopt memory-safe languages like Rust, starting with using Rust code for two traditional attack targets—Font Parsing and Win32k Kernel.

When we launched Windows 11 it came with new hardware and software features like secure boot, virtualization-based security, hypervisor-protected code integrity, and Windows Hello using the Trusted Platform Module (TPM) on by default in many regions. Since turning those features on, organizations have reported a 58 percent reduction in security incidents, and a three times reduction in firmware attacks—a highly attractive and lucrative target for attackers. Our data shows that 83 percent of Windows 11 devices use three or more security features. 

We’re excited to take the next step on this journey with updates for security and IT professionals available today and on by default for new installs of Windows 11.

New Windows 11 security features

Windows 11 features give you the power to create, collaborate, and keep your stuff protected.

Learn more 

Side view close-up of a man typing on his phone while standing behind a Microsoft Surface Studio.

The next step towards eliminating passwords entirely

Microsoft global threat intelligence processes more than 65 trillion security signals every day. That intel has shown us there are more than 4,000 password attacks every second.2 Everyday cybercriminals as well as nation-state attackers like Peach Sandstorm are leveraging password spray attacks to compromise high-value targets in sectors like satellite, defense, and pharmaceuticals. Organizations can reduce their risk of compromise to these kinds of attacks with Windows passwordless authentication and multifactor authentication features that offer more protection than traditional passwords.

Passkeys make passwordless easier and more universal: Windows 11 will make it much harder for hackers who exploit stolen passwords through phishing attacks by empowering users to replace passwords with passkeys. Passkeys are the cross-platform future of secure sign-in management. Microsoft and other technology leaders are promoting passkeys as part of the FIDO Alliance. A passkey creates a unique, unguessable cryptographic credential that is securely stored on your device. Instead of using a username and password to access a website or application, Windows 11 users will be able to use and protect passkeys using Windows Hello or Windows Hello for Business, or their phone. This will allow users to access the site or app using their face, fingerprint, or device PIN. Passkeys on Windows 11 will work on multiple browsers including Microsoft Edge, Google Chrome, Firefox, and others. Setting up a passkey in Windows is accomplished by:

  • The website or application owner creates a passkey and offers it to you as a sign-in option instead of your password—website and app owners will need to develop their own passkeys infrastructure on their sign-in experience.
  • Once you create the passkey on your device, the next time you sign in to that website or app from your device it will recognize that you have its passkey, and you can use it instead of a password. If you are using Windows Hello or Windows Hello for Business, you will be able to use your face, PIN, or fingerprint to sign in more easily. In addition, you can now use a passkey from your phone or tablet to complete the sign-in process.
  • Users will have a management dashboard through Settings –> Accounts –> Passkeys to see and manage passkeys on their Windows 11 device.

Simplifying and modernizing security for IT by reducing the attack surface 

The latest Windows 11 will also include powerful new tools that enable IT teams to keep their organizations and employees more secure. We’re improving authentication, making it easier for IT to lock down and maintain policy configurations, adding more controls through Intune.

Phish-resistant credentials with Windows Hello for Business Passwordless: Windows 11 devices with Windows Hello for Business or FIDO2 security keys can protect user identities by removing the need to use passwords from day one. IT can now set a policy for Microsoft Entra ID-joined machines, so users no longer see the option to enter a password when accessing company resources. Once the policy is set, it will remove passwords from the Windows user experience, both for device unlock as well as in-session authentication scenarios. With this change, users can now navigate through their core authentication scenarios using strong, phish-resistant credentials like Windows Hello for Business or FIDO2 security keys. If ever necessary, users can leverage recovery mechanisms such as Windows Hello for Business PIN reset or web sign-in. Web sign-in is now available for all supported Microsoft Entra ID authentication mechanisms in addition to Temporary Access Pass (TAP) and education scenarios.

Maintain IT policy control with Config Refresh: Config Refresh is designed to revert policies to a secured state if they’ve been tampered with by potentially unwanted applications or user tampering with the registry. Config Refresh allows Windows 11 devices to be reset every 90 minutes by default, or every 30 minutes if desired, within the policy configuration service provider (CSP). This capability ensures that your settings are retained in the way IT configured them. The policy CSP covers hundreds of settings that were traditionally set with Group Policy and does so through Mobile Device Management, like Microsoft Intune. To enable help desk technicians to support their teams more efficiently Config Refresh can also be paused by IT administrators for a configurable period of time, after which it will be automatically re-enabled. It can also be turned back on at any time by an IT administrator. Starting today, Config Refresh is available to our Insiders and coming soon to all organizations.

Only allow trusted apps with Custom App Control: Applications are the lifeblood of our digital experiences, but they can also become entry points for attackers. With application control, only approved and trusted apps are allowed onto devices. By controlling unwanted or malicious code from running, application control is a critical part of an overall security strategy. Application control is often cited as one of the most effective means of defending against malware. Organizations using Windows 10 and above use App Control for Business (formerly called Windows Defender Application Control) and its next-generation capabilities to protect their digital estate from malicious code. Organizations using Microsoft Intune to manage their devices are now able to configure App Control for Business in the admin console, including setting up Intune as a managed installer.

New configurations in Windows Firewall: We are excited to announce some enhanced management and capabilities for the built-in Windows Firewall to help IT provide better overall protection. Windows Firewall now supports:

  • Application Control for Business (previously known as Windows Defender Application Control) app ID tagging with Windows Firewall rules though Intune. This enables IT to target Windows Firewall rules to specific applications without an absolute file path. 
  • The ability to configure network list manager settings to determine when a Microsoft Entra ID (previously known as Azure Active Directory) device is on your on-premises domain subnets so firewall rules can properly apply. The network list manager settings for Windows Firewall can be used for location awareness. 
  • There is now better support in settings to configure more granular Windows Firewall logging for domain, private, and public firewall profiles, as well as the ability to specify Windows Firewall inbound and outbound rules for ICMP types and codes.

Our continued investment in security and innovation

Our MORSE team, Microsoft Offensive Research and Security Engineering, has been working hard to ensure security is a critical piece of the software development lifecycle. In the last year, the team has dedicated 1.9 million virtual machine hours and more than 84,000 Azure CPU cores dedicated to proactively fuzzing code. In addition to that, we’ve made nearly 700 improvements in our code just the last few months by strengthening the software development lifecycle with security checks and balances, including new automation and AI to help developers find bugs on their own. The proactive work of this team to continue to improve the integrity of our code both old and new is part of our commitment to ongoing investment and innovation in security. The team has released learnings and tools to the community as well like our open source fuzzing tool, Microsoft OneFuzz.

We’re looking forward to continuing this journey to make Windows more secure from the chip to the cloud with every update.

Identity hunting with an enhanced IdentityInfo table

by Or Tsemah

Advanced hunting with an enhanced IdentityInfo table

Back in June 2023, we announced the enhanced IdentityInfo table in Microsoft 365 advanced hunting for Microsoft Defender for Identity customers. Today, we are expanding the availability of this table for all Microsoft defender for Cloud apps customers as part of our journey to enable this experience for all Microsoft 365 Defender customers.

thumbnail image 1 of blog post titled 
	
	
	 
	
	
	
				
		
			
				
						
							Identity hunting with an enhanced IdentityInfo table

What do I get?

With this new table, security analysts have much broader experience with identity-based hunting, allowing them to query more attributes from all detected providers, such as Entra ID assigned roles or Defender for Identity Sensitivity tags for on-premises Active Directory identities, to further enhance their experience and create new powerful queries and custom detections.

Do I need to do anything?

No, the new updated table will appear for all Defender for Identity and cloud apps automatically.

Where can I learn more?

You can view the updated schema details here.

What’s next?

We are constantly working on expanding the available schema with more attributes, stay tuned.

Basic cyber hygiene prevents 98% of attacks

by Quy Nguyen

In today’s digital era, businesses rely heavily on technology and online systems. To help safeguard against cyber threats and ensure business continuity, maintaining basic cyber hygiene is imperative. Adhering to basic security hygiene can protect against 98% of attacks.1

thumbnail image 1 of blog post titled 
	
	
	 
	
	
	
				
		
			
				
						
							Basic cyber hygiene prevents 98% of attacks

Here are five key standards every organization should adopt:

  1. Require phishing-resistant multifactor authentication (MFA):
    • Enable MFA to help prevent 99.9% of attacks on your accounts.2
    • Opt for MFA options with minimal user friction, like biometrics or FIDO2 compliant factors such as Feitan or Yubico security keys.
    • Use conditional access policies and single sign-on (SSO) to streamline the user experience.
  2. Apply Zero Trust principles:
    • Implement a Zero Trust approach to security, verifying every transaction, asserting least-privilege access, and relying on intelligence, advance detection, and real-time response to threats.
  3. Use modern anti-malware:
    • Deploy extended detection and response and anti-malware solutions to help detect threats, automatically block attacks, and provide actionable insights.
    • Leverage security automation and orchestration to streamline threat detection and response.
  4. Keep systems up to date:
    • Unpatched and out of date systems can lead to increased risk. Regularly update firmware, operating systems, and applications to reduce vulnerabilities.
  5. Protect data:
    • Understand your data landscape, label and classify sensitive data, and establish access controls.
    • Address insider risks using the right people, processes, training, and tools to help take into account user context around data.
    • Ensure the proper access controls are in place to help prevent data loss while managing data throughout its lifecycle.

In today’s threat environment, meeting the minimum standards for cybersecurity hygiene is essential and these five pillars can help offer strong protection and reduce risk.

Learn more in the guide Basic cyber hygiene prevents 98% of attacks and visit Security Insider to get more threat intelligence insights.

12022 Microsoft Digital Defense Report

2One simple action you can take to prevent 99.9 percent of attacks on your accounts

4 Likes

 Like