Check out what's new in Security at Microsoft Ignite

by | Oct 29, 2021 | Technology

This article is contributed. See the original author and article here.

Microsoft Ignite is back! The event starts November 2nd, 2021, at 8:00 am PT.  


 


If you haven’t already, register now and complete your schedule!  


 


We are excited for you to join us at Microsoft Ignite for a focused exploration of the security market today. Come share and learn with global leaders in cybersecurity and infrastructure, while exploring the most advanced prevention measures and strategies. Learn how to react to increasing threats, prepare for the next frontier in identity proofing, and improve overall productivity. 


 


Let’s take a quick look to see what is in store this year: 


 


Security Focus Area Session  


Join Vasu Jakkal’s keynote: Protect Everything with End-to-End Security 



  • Tuesday, November 2, 10:35 AM – 11:00 PST 

  • Organizations around the world are facing a surge of sophisticated cyber threats. The hybrid work world is creating new opportunities for bad actors, and increased challenges for IT teams. Join us to learn how Microsoft’s integrated, comprehensive approach to security is helping customers become more secure and resilient. Discover new products and innovations that help you protect everything, from the endpoint to the cloud, across security, compliance, identity, device management, and privacy. Se    e how Microsoft Security is helping organizations of all sizes be safe in the face of increased global cyber threats. 



Featured Sessions from Day 1 


Join Rob Lefferts and Eric Doerr’s session: 
Tackling the biggest cybersecurity challenges for 2022 



  • Tuesday, November 2, 11:30 AM -12:00 PM PST 

    Rob Lefferts, CVP of Microsoft 365 Security | Eric Doerr, CVP of Cloud Security 



  • It’s been a year. The security industry has encountered some major challenges. Yet through it all, we’ve made progress on how to keep ahead of adversaries. In this session, we’ll meet with security leaders to discuss the big issues and lessons learned from the past year. We’ll also share key recommendations for security teams to successfully navigate the evolving threat landscape into 2022 and beyond. 


Join Joy Chik’s session: 
Strengthen resilience with identity innovations in Azure Active Directory 



  • Tuesday, November 2, 1:30 PM – 2:00 PM PST 
    Joy Chik, CVP of Identity  



  • Nation-states and criminal syndicates are applying significant resources to orchestrate multi-pronged attacks against critical services and infrastructure. No single organization can withstand these onslaughts alone. In this session, we’ll share investments we’re making in Azure AD to help you stay protected and productive: a resilient platform, teams, and tolls that detect and respond to hard-to-identify attacks, and systems that strengthen the security posture of your expanding digital estate 


 


Join Rudra Mitra’s session: 


Manage risk and compliance with end-to-end security solutions 



  • Tuesday, November 2, 2:30 PM – 3:00 PM PST 
    Rudra Mitra, CVP, Microsoft 365 Compliance, Security and Privacy 

  • Managing risks is critical to ensuring business continuity, protecting brand reputation, and addressing the various internal and external requirements that you may be subject to. We know your data goes beyond the Microsoft cloud, so we are building solutions to help you reduce risk across your entire digital estate, especially in this hybrid work world. Organizations should not have to make the tradeoff between modern collaboration and modern security. Join our session to learn how our newest innovations help you address these challenges.   


 


Join Alym Rayani’s session: 


Build a privacy resilient workplace with Privacy Management for Microsoft 365 



  • Tuesday, November 2nd, 8:30 AM – 9:00 AM PST 
    Alym Rayani, GM of Compliance & Privacy 



  • With increasing complexities and changes in the privacy regulatory landscape, organizations must ensure privacy is central to their business to build customer trust. This means having greater visibility into personal data and associated privacy risks in your environment, automating privacy operations including subject requests fulfillment, and empowering employees to make privacy-compliant decisions without hindering productivity. Learn how Microsoft’s Privacy Management solution can help you build a privacy resilient workplace. 



Security sessions from Day 2 


 


Join us on day 2 for various security topics delivered by industry experts and insiders on major trends facing the industry helping attendees understand the latest threats and risks, how to address workforce challenges, and looking into the near and far future of cybersecurity.  


 


Microsoft Into Focus: Security 



  • Wednesday, November 3rd, 10:30 AM – 12:00 PM PST 
    Ann Johnson, CVP of SCI Business Development at Microsoft, Vasu Jakkal, CVP of SCI at Microsoft, and more industry experts and insiders 

  • Attend the Keynote Microsoft Into Focus: Security with Microsoft Security leaders Vasu Jakkal, Bret Arsenault, Ann Johnson, on a series of insightful discussions as Microsoft hosts industry experts and insiders around current cybercrime trends, the evolution of hybrid work, and a look into the future of cybersecurity trends and solutions.  


 


Grounding Zero Trust in Reality: Best Practices and Emerging Trends 



  • Wednesday, November 3rd, 12:30 PM – 1:00 PM PST 
    Alex Simons, CVP of Identity Security, Steve Turner, Forrester Analyst 

  • The events of the last two years confirm Zero Trust is no longer an option—it’s a business imperative. Implementing a Zero Trust strategy is best understood as a journey on which organizations and governments around the world have embarked to meet the expanded threat landscape of today. Come and listen to Alex Simons talk about what best practices Microsoft customers have applied in their Zero Trust implementations and listen to a discussion on emerging trends with Steve Turner from Forrester.   


 


Skilling for Security: Forging the workforce of the future 



  • Wednesday, November 3rd, 1:30 PM – 2:00 PM PST 
    Naria Santa Lucia – GM, Digital Inclusion, Microsoft Philanthropies, Laramie County Community College, William Amick – Program Director, Information Technology Pathway, Reinier Moquete – Founder & CEO of CyberWarrior.com 

  • There are almost half a million unfilled cybersecurity positions in the United States alone, and the pipeline of new students is not on track to fill the demand. This session will discuss the workforce challenges facing the cybersecurity industry, and what Microsoft and training institutions are doing to address this critical need.    


 


An inside view on detecting and mitigating insider risks 



  • Wednesday, November 3rd, 3:30 PM – 4:00 PM PST 
    Glenn Kaleta, Microsoft Principal Engineering Program Manager,​ Erin Miyake, Microsoft Principal Program Manager, Mod Tejavanija, Microsoft Senior ​Program Manager, Dan Costa, Technical Manager, Carnegie Mellon University​ 

  • There is no denying the fact that insider risks can pose as great of a damage threat as other security threats like ransomware, phishing, and malware. Yet unlike these security threats where you can develop and operationalize globally optimized detections, insider risk detections present unique and complex challenges where understanding context and correlations is critical to ensure you have a successful insider risk management program. Having run the Insider Threat program at Microsoft we will be discussing the five primary principles that we have learned in our journey both internally and from our customers to help organizations understand what is required to build an effective insider risk program. 


 


External Attack Surface Management: Intelligence Defense in the Age of Digital Transformation 



  • Wednesday, November 3rd, 12:30 PM – 1:00 PM PST 
    Steve Ginty – Director, Threat Intelligence, RiskIQ 

  • Today’s digital transformation means a rapidly expanding IT ecosystem and an ever-evolving threat and vulnerability landscape of both nation-state and criminal actors that target a growing list of vulnerabilities to breach victim organizations. Understanding today’s external attack surface is essential to assess and protect critical assets. This session will demonstrate the vital role of combining vulnerability and traditional threat-actor intelligence in external attack surface management.   


 


Understanding Nation-State Threats 



  • Wednesday, November 3rd, 1:30 PM – 2:00 PM PST 
    Cristin Goodwin, Microsoft General Manager & Associate General Counsel, ​​Digital Security Unit​ 

  • The last 12 months have been marked by historic geopolitical events and challenges that have changed the way organizations approach their daily operations. During this time, nation-state actors have created new tactics and techniques to evade detection and increase the scale of their attacks. In this session, Cristin Goodwin, Associate General Counsel and head of Microsoft’s Digital Security Unit, explains the nation-state threat landscape and provides context for security leaders and practitioners who are looking to better understand the relevancy of these new threats.   


 


Cloud Security: A guide for developing a comprehensive multi-cloud security strategy 



  • Wednesday, November 3rd, 2:30 PM – 3:00 PM PST 
    Andras Cser – Vice President, Principal Analyst, Forrester – Serving security and risk professionals 

  • The era of cloud transformation is driving customers to strengthen the security of their complex environment. Join us for an insightful discussion with a leading industry analyst on how to best approach an end-to-end cloud security strategy. We’ll explore top trends, emerging risks, and potential obstacles – along with practical guidance on how to better protect your IaaS, PaaS, and SaaS services. 


 


How to Develop a Security Vision and Strategy for Cyber-Physical and IoT/OT Systems 



  • Wednesday, November 3rd, 2:30 PM – 3:00 PM PST
    Phil Neray, Microsoft Director of IoT & ​Industrial Cybersecurity, Katell Thielemann, VP Analyst, Gartner 

  • Recent ransomware attacks that halted production for a gas pipeline operator and food processor have raised board-level awareness about IoT and Operational Technology (OT) risk. Security leaders are now responsible for new threats from cyber-physical systems (CPS) and parts of the organization they never traditionally worried about. Join Katell Thielemann from Gartner® to discuss how to develop a CPS risk strategy using the “language of the business” to show security as a strategic business enabler. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.   



Engage with our security experts 


 


Join in on the Connection Zone sessions with security experts for further engagement. The line-up for Ask the Experts this year has something for everyone! 


 


Ask the Experts: 





 


 


Explore the full session catalog to find sessions most interesting for your role and interests. Hear from security experts, attend workshops, watch new product demos, and more. To begin your journey, log into Security at Microsoft Ignite and make sure to register to access all the event has to offer. 


 

Preview of Feedback for Microsoft Teams now available

Preview of Feedback for Microsoft Teams now available

by | Oct 28, 2021 | Technology

This article is contributed. See the original author and article here.

Starting today, the preview of Feedback for Microsoft Teams, a new community feedback experience from Microsoft, is available. Built on Dynamics 365 Customer Service, Feedback continues our dedication to using customer feedback to help with the further development and improvement of Teams. Since 2017, when Teams became the hub for collaboration in Microsoft 365, user submissions have driven the completion of over 500 features and improvements, and we aim to complete thousands more.


 


The new Feedback portal will allow users to submit their own feedback, browse other publicly submitted ideas, track official Microsoft responses, see our top voted customer ideas, upvote the feedback they agree with, and comment on feedback that matches their own. Top known feedback items remain available in the new portal.


Feedback_image.png


 


In Feedback, users will also be able to easily track their favorite ideas through the ‘star’ icon and receive notifications when those ideas are responded to by Microsoft.


 


Explore the new Feedback portal now at https://aka.ms/TeamsFeedback and let us know what you need most from your Teams experience.  Learn more about the broad topic of Feedback at Microsoft in our documentation.

Voices of Healthcare Cloud brings you “ Physision Refferal & Relationship Management”

Voices of Healthcare Cloud brings you “ Physision Refferal & Relationship Management”

by | Oct 27, 2021 | Technology

This article is contributed. See the original author and article here.

Voices of Healthcare Cloud is a webinar series hosted by myself, @Vasu Sharma & @Joshua Thompson. My name is Shelly Avery, I am currently a Dir, Healthcare Specialist for Health and Life Sciences focusing on the largest Payor and Provider customers in the US, Vasu is a Sr Customer Success Manager for Microsoft 365 for Health and Life Sciences & Josh is a Sr Account Executive for Healthcare. The goal of this webinar series is to showcase how Healthcare is seeing positive business and clinical outcomes with cloud technology. 


 


We will be bringing new and creative solutions to you at least once a month, so we hope you tune in live or catch the on-demand recording after the session is completed. 


 


If you want to get direct invites for these sessions, you can let us know by filling out this form.  


 


For our next session, we will be joined by Ellary Rose, Healthcare Subject Matter Expert, as she brings a wealth of knowledge around Physision Refferal & Relationship Management. She is going to speak on a handful of industry challenges around referral management such as keeping referrals in house, processing external referrals and how to manage physician relationships to acquire their referrals.


 


ShellyAvery_1-1635353455365.png


 


These are frequent challenges, and if the processes are ineffective, it can heavily impact patient experience and patient outcomes. By automating these processes, it helps all parties involved — the health organization retains the patient, the provider gets help for their patient quickly and the patient does not fall through the cracks resulting in better care and better outcomes!  


 


Please join us on November 3rd to learn how your organization can positively impact Physician Referral and Relationship Management with these great process and automation tools!  


 


This session will be on November 3rd at 11:00 PT / 12:00 MT/ 1:00 CT / 2:00 ET  


Please click here to join or download the calendar invite here  


 


We also have future sessions lined up and these topics are:  



  • November 10th – Patient Referral Automation 

  • November 17th – Data Driven Patient Engagement  

  • November 24th – No session (Break for Thanksgiving holiday)  


Hopefully you joined our last few webinars on:  



 


Please follow the aka.ms/HLSBlog for all this great content.  


 


Thanks for reading, Shelly Avery | EmailLinkedIn   

Windows 10 IoT Enterprise LTSC 2021 has gone RTM for OEMs

by | Oct 26, 2021 | Technology

This article is contributed. See the original author and article here.

Today marks the day that the latest release of Windows for IoT, Windows 10 IoT Enterprise LTSC 2021 has gone RTM for Original Equipment Manufacturers (OEMs). Windows 10 IoT Enterprise is the latest operating system offering for embedded and IoT devices. With every new release, we continue to deliver on our promise of bringing enterprise-class power, security, and manageability to the Internet of Things in addition to adding new features and capabilities, some of which are highlighted below.


 


This release will be available in two editions:


 



 


New Features and Capabilities in this release


There are several new features and capabilities included with Windows 10 IoT Enterprise, version 21H2. Unless otherwise noted, these features will be included in both the LTSC and SAC versions of the release.


 


Microsoft Edge Browser Support


Windows 10 IoT Enterprise, version 21H2, comes with in-box Microsoft Edge Browser support.


 


Customizable Windows Update UX


With this latest release, we are enabling you to manage your Windows update experience with genericized update message strings and screen accent colors.


 


Soft Real-Time


Windows 10 soft real-time is a new feature with Windows 10 IoT Enterprise, version 21H2 that allows device makers to introduce soft real-time capabilities on their devices.


Check out the following documentation to learn more:



 


Unified Write Filter (UWF) Updates


With Windows 10 IoT Enterprise, version 21H2, there have been many improvements to the Unified Write Filter.



  1. Allowing UWF Swapfile (DISK Overlay) to be created and used on any volume

  2. Read Only Media Mode

  3. Full Volume Commit in Read-Only Media mode


To learn more about how to implement these new features, review Enhanced Unified Write Filter Features


 


Windows Subsystem for Linux (WSL)


Starting with Windows IoT Enterprise LTSC 2021, Windows Subsystem for Linux (WSL) will be available in-box for both LTSC and SAC.


 


GPU Compute Support


With Windows 10 IoT Enterprise, version 21H2 there is additional GPU compute support in the Windows Subsystem for Linux (WSL) and Azure IoT Edge for Linux on Windows (EFLOW) deployments for machine learning and other compute intensive workflows.


 


Adding WPA3 H2E standards support


In this new release, there will be WPA3 H2E standards support for enhanced Wi-Fi security. To learn more, view  Faster and more secure Wi-Fi in Windows


 


 


 


Where to learn more?



 


 


 


 


 


 

Reporting an email in Microsoft Defender for Office 365

Reporting an email in Microsoft Defender for Office 365

by | Oct 25, 2021 | Technology

This article is contributed. See the original author and article here.

Attackers are constantly evolving their phishing technique with sophisticated campaigns to subvert email protection systems like Microsoft Defender for Office 365 and make your security perimeters vulnerable. For this reason, it’s critical that SecOps professionals empower employees to be hypervigilant to such threats and report them as soon as they land in their inboxes.


 


Microsoft Defender for Office 365 has a fully automated detection and remediation system for emails, URLs and attachments that are reported by your employees. User and admin submissions are critical positive reinforcement signals for our machine learning based detection systems to review, triage, rapid-learn and mitigate attacks. The submission pipeline is a tightly integrated solution with automated mail-flow filters that protect your employees from similar threats.


 


You can learn here on how to report an email to Microsoft and manage your submissions here.


 


Once you report an email through the submission process, our system follows a set of actions. If you have any organizational compliance restrictions that prevents a user from reporting sensitive emails outside of your infrastructure, we recommend using the custom mailbox reporting option detailed here. This will ensure that user reported emails will come to your custom mailbox. Admins who are granted privileges to review those emails can then report them back to Microsoft.


 


diannamarks_0-1634839071776.png


Figure 1: Behind the scenes post-submission process flow.


 



  1. Reduce the Noise: We wanted to reduce the noise from the submissions to ensure we send only clean signals for our automated triage system.

    1. Simulation: Your simulated messages from Attack Simulation Training or any of your 3rd party vendor will be filtered.

    2. Policy overrides: Wrongly classified messages due to your tenant’s ploicies or sometimes to end users’ policies are notified so that you can act at your end. From the override scenarios, we also honor your policies if they recommend detection improvements.

    3. Email Auth Check: We validate if the email authentication passed or failed during the email delivery.




You can learn about configuring 3rd party simulations here and learn about our secure by default strategy here.


 



  1. Automated Triage: We run our detection filters once again to identify if our systems have adapted between the time of delivery and your submission.

    1. All our machine learning based email filters will be run on your submissions to reclassify them in case of updated learning.

    2. In case of entities such as URLs and attachments in your submitted emails, we detonate them once again in our highly advanced sandbox environment to uncover the status of weaponization and assign the verdicts accordingly.

    3. We run a series of machine learning models exclusively on the reported submissions to identify, cluster the patterns and reclassify them in case of change in verdicts based on anomalies observed in similar submissions across our global customer base.

    4. We generate automated alerts on user reported phishing submissions by default and enable AIR (Automated Investigation and Response) so that these submissions will carry the verdicts from our automated triaging process. Please note that AIR is only available in MDO plan 2/E5/A5.




You can learn more about our AIR capabilities here.


 



  1. Human Eye: As the weaponization of phishing entities are dynamic, attackers constantly use multiple evasion techniques to bypass filters. That’s why a hybrid approach and human partnered machine learning based solution is the ideal method to stay on top of advanced threats and weaponization tricks.

    1. We prioritize submissions based on various factors such as phish severity, malware indicators, false positives, high volume anomalies, advanced pattern indicators, and whether reported by an admin or user.

    2. Expert graders/analysts are well trained on phish detection techniques and will be dissecting submissions through various Indicators of Compromise (IOC) and do deeper investigation on all email entities such as headers, URLs, attachments, and sender reputation to assign the right verdict on submissions.

    3. Graders generally deliver informed decisions as high-quality verdict signals that are being sent to the above discussed machine learning models 2(c) for continuous reinforcement learning.

    4. Human graded verdicts always take a higher priority and can override the verdict given by the automated triage process.




Human graders review anonymized email header and body metadata and hashed entities in a highly compliant environment that meets all the privacy guidelines from our Trust Center. You can learn more about Microsoft Trust Center here. You can also learn more about data storage here, and learn more about our data retention policies here.


 



  1. Remediation and supervised learning: The new verdict either from automated triage or human grader review will be sent for both rapid remediation and retrain our ML filters faster.

    1. We apply the graded labels from the automated triage system or human graders on the submitted and all related clusters belonging to this submitted pattern.

    2. We move all the messages from the current delivery location to the new location for all the impacted end users. For example, the system will move the messages from inbox to quarantine in case of ‘phish’ verdicts and move from Quarantine/Junk to inbox in case of ‘Good’ verdicts using our Zero-hour Auto Purge (ZAP) platform.

    3. We also identify IOCs by the submitted clusters and add them to our reputations to initiate instantaneous mitigation against phish and malware campaigns.

    4. Any new incoming mail from a similar pattern or IOC will be auto classified with the new verdict to reduce the triage load from your SecOps.




You can learn more about ZAP here.


 


The automated User Submission workflow is carefully designed with state-of-the-art technology to help the organizations to mitigate any False negative or False positive risks faster to reduce MTTR (Mean time to Response) for their SOC team. It also becomes important for organizations to enhance their security postures by training employees who actively participate in this phish detection submission feedback loop. Attack Simulation Training is included with Microsoft Defender for Office 365 P2 and E5 licenses and provides the necessary simulation and training capability that reduces phish vulnerabilities at the user-level. Learn more and get started using Attack Simulation Training here.


 


Do you have questions or feedback about Microsoft Defender for Office 365? Engage with the community and Microsoft experts in the Defender for Office 365 forum.