Microsoft at RSA 2022: Envisioning the future of security

Microsoft at RSA 2022: Envisioning the way forward for safety

Posted on

Like most of you, I used to be glad to see the 2022 RSA Convention return to its in-person roots after a two-year digital hiatus. This 12 months’s occasion was an ideal success, drawing 26,000 attendees to 3 days of cutting-edge safety classes, tutorials, seminars, and particular occasions at Moscone Heart in San Francisco. The convention included greater than 600 audio system and 400-plus exhibitors, together with a whole bunch of media representatives. Microsoft Safety was on the bottom, interacting with prospects and safety professionals at Microsoft’s 20-plus earned classes, in addition to showcasing new options like Microsoft Entra that assist understand our aim of complete safety.

I used to be honored to offer a keynote handle (video courtesy of RSA Convention) on the way forward for cybersecurity, together with a have a look at the place expertise and human experience are headed, in addition to why making a extra inclusive and various safety workforce will probably be crucial in our protection towards evolving threats. Additionally addressing a topic that’s turn into extra pressing with the expansion of the decentralized enterprise, my colleague Bret Arsenault, Microsoft Company Vice President (CVP) and Chief Data Safety Officer (CISO), gave a particular presentation on managing Shadow IT. All in all, it was a enjoyable, collegial, and productive 5 days. Let’s have a look at among the highlights.

Determine 1. Vasu Jakkal provides the keynote handle—Innovation, Ingenuity, and Inclusivity: The Way forward for Safety is Now.

Microsoft Safety Hub—you made it shine

Due to our company and a few exhausting work by our onsite crew, the Microsoft pre-day occasion was an enormous hit. We registered 430 attendees for this all-day occasion held on June 5, 2022, at Bespoke Occasion Heart. Attendees had been in a position to partake in Q&As with safety consultants about Zero Belief, risk intelligence, multicloud safety, threat administration, and the way Microsoft is re-envisioning the way forward for identification and entry with Microsoft Entra.

I hosted Bret Arsenault in a fireplace chat about navigating at the moment’s safety challenges and my colleague Pleasure Chik, CVP of Id and Entry, made a particular presentation on Microsoft Entra and the belief material of identification.

Joy Chik, Corporate Vice President of Identity and Access, speaking at RSA Conference 2022.

Determine 2. CVP of Id and Entry Pleasure Chik speaks on the 2022 RSA Convention.

Attendees additionally loved our immersive walkthrough artwork expertise (and naturally, the customized swag bar). Many company took benefit of the reception to community with different safety professionals and reconnect with outdated mates. It was nice to see some acquainted faces and share new insights with defenders throughout our group—a giant thanks to everybody who joined us!

Visitors explore the Microsoft Security Hub and network with other security professionals.

Determine 3. Attendes community on the Microsoft Safety Hub.

Microsoft had a sales space on the North Expo of RSA which showcased Microsoft complete safety options throughout our six product households: Microsoft Entra, Microsoft Endpoint Supervisor, Microsoft Defender, Microsoft Sentinel, Microsoft Purview, and Microsoft Priva. Greater than 7,300 folks visited the Microsoft sales space.

People explore the Microsoft Security booth at RSA Conference 2022.

Determine 4. Microsoft Safety sales space at RSA Convention 2022.

Standout classes

Microsoft audio system appeared in additional than 20 earned classes at this 12 months’s RSA, addressing the whole lot from provide chain assaults to ransomware, botnets, and methods to guard our democracy. We additionally hosted 40 classes in our sales space. A few of our hottest classes included:

  • Sensible Learnings for Menace Searching and Enhancing Your Safety Posture: Hosted by Jessica Payne, Principal Safety Researcher and Menace Intelligence Strategist at Microsoft, and Simon Dyson, Cyber Safety Operations Centre Lead in NHS Digitals Knowledge Safety Centre, this 50-minute session addressed risk searching and safety posture enhancements from a risk intelligence-informed perspective. Attendees gained insights from Jessica’s expertise in demystifying and defusing real-world ransomware assaults. Additionally they bought a first-hand recounting of Simon’s work securing the complicated community maintained by England’s Nationwide Well being Service (NHS) through the pandemic, and the way his crew’s expertise can profit all of us.
  • Conti Playbook: Infiltrate the Most Worthwhile Ransomware Gang: Contributors realized how a disgruntled affiliate uncovered one of the crucial notorious ransomware gangs, divulging its ransomware-as-a-service (RaaS) secrets and techniques to assist take them down. This immersive, hands-on workshop guided attendees by a typical Conti assault sequence and supplied tricks to defend towards superior persistent threats. Due to Tom D’Aquino, Fabien Guillot, and Arpan Sarkar of Microsoft associate Vectra AI for this presentation.
  • Microsoft Defender Specialists for Searching Has Obtained Your Again: Abhishek Agarwal, Chief Safety and Expertise Officer at Helix Biotech, examined risk searching’s virtuous cycle: monitor, hunt, and analyze. Particularly, attendees realized how Microsoft Defender Specialists for Searching makes use of AI to perform all three parts of the cycle quicker, offering automated detection, searching, and evaluation to assist the crew monitor and cease threats throughout the corporate’s multi-national enterprise.
  • Microsoft Safety Analysis—How We Responsibly Disclose Vulnerabilities to Apple, Google, and the Linux Neighborhood: Jonathan Bar Or, Principal Safety Researcher at Microsoft, mentioned how disclosing bugs makes the world safer and advantages customers, in addition to giving Microsoft Safety a greater understanding of the applied sciences we work to guard.​ The aim is to problem our personal detections and show product reality—making Microsoft Defender stronger by difficult our personal blue groups.​
  • Resolve Safe Entry Wants for Workload Identities with Microsoft Entra: Microsoft Product Managers Nick Wryter and Sandy Jiang led this informative session on the phenomenon of exploding workload identities. At present, workload identities outnumber person identities 5 to 1; the problem being that many conventional identification and entry administration options don’t handle these prevalent and ceaselessly over-permitted identities. Nick and Sandy defined how the brand new Microsoft Entra addresses this downside by offering a complete view of each motion carried out by any identification on any useful resource, detecting anomalous permission utilization at cloud scale.
  • Monitoring Extremely Evasive APTs with Vectra Detect & Microsoft Sentinel: Tom D’ Aquino, Senior Safety Engineer at Vectra AI, led this demonstration of real-life threat-hunting utilizing Vectra Detect and Microsoft Sentinel. Tom demonstrated real-world workflows for risk monitoring, together with particular person risk severity, lateral motion, risk targets, and extra.
  • The Shift of “Why” and “How” of Ransomware Assaults; How Microsoft Helps Prospects Survive Ransomware: Led by MacKenzie Brown of Microsoft’s Detection and Response Group (DART), this session examined the how and why behind the current enhance in ransomware assaults. Attendees realized how attackers have advanced their strategies to exert minimal effort for max return on funding (ROI), and why DART’s methodology may help you defeat them.

Shining a light-weight on Shadow IT

Shadow IT might be broadly outlined as a “set of functions, companies, and infrastructure which can be developed and managed exterior of outlined firm requirements.” These sorts of ad-hoc methods can pose a compliance threat, particularly for safety, privateness, information governance, and accessibility. Like several group, Microsoft has not been resistant to the proliferation of Shadow IT.

Vasu Jakkal and Bret Arsenault  on stage at the Microsoft pre-event.

Determine 5. Vasu Jakkal and Bret Arsenault communicate on the Microsoft pre-day occasion.

In step with our dedication to safety for all, Microsoft CVP and CISO Bret Arsenault gave a particular presentation on June 8, 2022, addressing Microsoft’s strategy to managing Shadow IT. Bret mentioned how Microsoft’s safety crew is enabling engineers and builders to construct and function safety capabilities within the cloud, in addition to Microsoft’s three main rules for managing and addressing Shadow IT. For attendees eager to be taught extra, we adopted up the occasion with a free white paper on managing Shadow IT.  We’ve additionally made Bret’s presentation slides out there to everybody.

2022 Excellence Awards

The Microsoft Safety Excellence Awards (previously Microsoft Safety 20/20 Awards) acknowledge Microsoft Clever Safety Affiliation (MISA) members’ success through the previous 12 months. This 12 months’s 10 award classes had been rigorously chosen to acknowledge the distinctive methods MISA members help their prospects and assist enhance Microsoft safety merchandise. Our cross-functional panel rigorously examined a whole bunch of nominations, narrowing the sector to only three finalists for every class.

Within the spirit of collaboration, Microsoft and MISA members alike voted on the winners. After dinner and cocktails, the awards had been handed out on the San Francisco Design Heart by Microsoft executives Phil Montgomery, Andrew Conway, Alym Rayani, Irina Nechaeva, Desmond Forbes, Sue Bohn, Mandana Javaheri, Madhu Prasha, Scott Woodgate, and myself. MISA members are a crucial a part of our strategy to complete safety. We’re grateful for his or her imaginative and prescient and dedication to our shared mission of serving to prospects do extra, safely. To all of this 12 months’s finalists and winners—congratulations!

Complete safety year-round

Microsoft now protects 785,000 prospects world wide, together with our personal digital property. Our aim is to offer complete safety for our prospects whereas enabling larger safety for our shared on-line world. Microsoft’s best-in-breed safety, built-in intelligence, and simplified administration integrates greater than 50 product classes in six product households, permitting you to be fearless within the pursuit of your imaginative and prescient.  Our latest product household, Microsoft Entra, helps fulfill that mission by making a safe entry level for end-to-end safety. Entra offers a unified admin middle for Azure Lively Listing (Azure AD), Entra Permissions Administration, and Entra Verified ID the place your group can rapidly confirm and safe each identification or entry request—multi functional place.

Our dedication to complete safety additionally means offering the newest analysis and first-hand data to assist preserve your group safe. You’ll be able to be taught extra at Cyber Alerts, a cyberthreat intelligence transient drawn from the newest Microsoft information and analysis. For those who attended RSA and engaged with Microsoft, please take a couple of minutes to answer our RSAC 2022 survey so we will proceed to enhance your expertise. My because of everybody who attended, and we’ll see you subsequent 12 months!  

To be taught extra about Microsoft Safety options, go to our web site. Bookmark the Safety weblog to maintain up with our knowledgeable protection on safety issues. Additionally, comply with us at @MSFTSecurity for the newest information and updates on cybersecurity.

Supply hyperlink

Leave a Reply

Your email address will not be published. Required fields are marked *