WOW!! What a year for the Cybersecurity industry.  Some things haven’t changed (breaches are still occurring) but the security solutions continue to evolve and this includes Microsoft 365 Security.  Included in this edition of the newsletter is a compilation of announcements and resources from calendar year 2018 that show the power of the M365 Security platform.  It was an exciting year and suspect that 2019 will be more of the same for Microsoft and its customers.

General News

• How Microsoft protects against identity compromise
• How Microsoft’s Azure fends off 7 trillion cyber events per day
• Fostering a risk-based culture to secure the enterprise by Microsoft’s CISO
• A Look Inside Microsoft’s Forensics Labs and Cybersecurity Centers (video)
• New NIST CSF and CSA CCM Assessments available in Microsoft Compliance Manager
• Cybersecurity from the Microsoft Threat Intelligence Center (video) 
• Building the security operations center of tomorrow—harnessing the law of data gravity
• The new business imperative: A unified cloud security strategy
• Microsoft’s Ann Johnson on the intersection of AI and cybersecurity (Video)
• CISO series: Building a security-minded culture starts with talking to business managers
• CISO series: Lessons learned—4 priorities to achieve the largest security improvements
• Avanade’s SecOps is more effective thanks to Microsoft Windows Defender Advanced Threat Protection
• Voice of the Customer: Walmart embraces the cloud with Azure Active Directory
• Four operational practices Microsoft uses to secure the Azure platform
• Microsoft Rapid Cyberattack Assessment
• CISO series: Secure your privileged administrative accounts with a phased roadmap
• Remote Use of Local Accounts: LAPS Changes Everything
• Voice of the Customer: The Walsh Group found that Azure Active Directory gives them a competitive edge
• The AI cybersecurity impact for IoT

M365 Security (All Up News)

• Building Zero Trust networks with Microsoft 365
• Zero Trust part 1: Identity and access management
• Microsoft 365 helps create a secure modern workplace
• Announcing Compliance Manager general availability
• Microsoft 365 Security Training 2018 (Video)
• Introducing Microsoft Secure Score for Office 365 and Windows 10 – Video
• Further sharing of signals across the Intelligent Security Graph (Video)
• How Microsoft 365 Security integrates with the broader security ecosystem—part 1
• How Microsoft 365 Security integrates with your broader IT ecosystem—part 2
• How Microsoft 365 Security integrates with your broader IT ecosystem—part 3
• Assessing M365 Using the NIST Cybersecurity Framework
• Microsoft 365 GDPR action plan — Top priorities for your first 30 days, 90 days, and beyond
• M365 Identity and Device Access Configurations Best Practices
• Office 365 security roadmap – Top priorities for the first 30 days, 90 days, and beyond
• Delivering security innovation that puts Microsoft’s experience to work for you
• New controls available in Microsoft Secure Score
• Recommended Ignite M365 Security Sessions
• All Ignite M365 Security Sessions
• Taking steps, three, two and one to zero-trust
• Making it real—harnessing data gravity to build the next gen SOC
• Enhancing Microsoft Secure Score with Compliance and Service Health Information
• Microsoft O365 ATP 2018 Stats

Identity & Data Protection (Azure AD, Intune, AIP, MCAS)

• Create a resilient access control management strategy with Azure Active Directory
• How Microsoft uses Conditional Access – Endpoint Zone 1812 (Video)
• Microsoft Cloud App Security and Azure Information Protection integration
• Best practices for conditional access in Azure Active Directory
• Azure Information Protection: Unified labeling, on-prem scanning and protection across platforms (Video)
• Automatically protect #healthcare documents from edits and deletion via labels in SharePoint (Video) 
• Best Practices:  Securing privileged access for hybrid and cloud deployments in Azure AD
• Conditional Access | Scenarios for Success (1 of 4)
• Deploy Intune App Protection Policies based on device management state
• Public preview for conditional access information in Azure AD Sign-ins report!
• A new way to manage roles and administrators in Azure AD
• Automatic user provisioning and deprovisioning now available for more apps!
• Five steps to securing your identity infrastructure
• Best Practices:  Securing privileged access for hybrid and cloud deployments in Azure AD
• Azure AD Activity Logs in Azure Monitor Diagnostics now in public preview
• Azure Active Directory Deployment Plans
• Use the Authenticator App for password reset – now in public preview
• Microsoft Azure and Security Best Practices – Part 1 Identity
• Azure AD B2B Collaboration support for Google IDs is now in public preview
• Announcing password-less login, identity governance, and more for Azure Active Directory
• What’s new with Microsoft Cloud App Security – MS Ignite edition 2018
• Announcing availability of information protection capabilities to help protect your sensitive data
• Shut the door to cybercrime with identity-driven security (video)
• Office Message Encryption (video)
• How Azure AD can help clean up data in your on-premises Active Directory
• Managing risky 3rd party app permissions with Microsoft’s CASB
• MCAS brings its real-time CASB controls to on-prem apps!

Threat Protection (Office ATP, Windows Defender ATP, Azure ATP/ATA

• GA of Office 365 Advanced Threat Protection for SharePoint Online, OneDrive For Business, and Teams
• Hit by Ransomware?  Customers Can Now Restore OneDrive
• Ransomware Protection w/ Windows Defender Exploit Guard Controlled Folder Access
• Mitigations for the Masses: From EMET to Windows Defender Exploit Guard
• Announcing: Windows Defender ATP support for Windows 7 and Windows 8.1
• Introducing Azure Advanced Threat Protection
• How Office 365 protects your organization from modern phishing campaigns
• Why Windows Defender Antivirus is the most deployed in the enterprise
• Real tales of cyberattacks and the defenses in Windows 10 to stop them (Video)
• Secure Your Office 365 Tenant – By Attacking It
• Whitepaper:  Office 365 helps secure Microsoft from modern phishing campaigns
• Enhancing Threat Protection capabilities and Conditional Access App Controls in Microsoft Cloud App Security
• Introducing Windows Defender System Guard runtime attestation
• Getting Started w/ Windows Defender ATP Advanced Hunting
• Staying ahead of modern-day attacks Part 1: Recent updates to Office 365 ATP & its real-world impact
• Announcing Microsoft Threat Protection
• Microsoft Cloud App Security and Windows Defender ATP – better together
• How Microsoft Measures Effectiveness of Malware & Phish Catch for Office 365
• SecOps is more effective thanks to Microsoft Windows Defender (Customer Story)
• Windows Defender Antivirus achieved perfect scores across the board (Protection, Usability, Performance) in the latest AV-TEST review. In Protection, it got 100% on 14 of the 16 tests so far in 2018 (combined “Real World” and “Prevalent malware”)

• The Total Economic Impact™ Of Microsoft Office 365 Threat Intelligence
• Windows Defender Antivirus can now run in a sandbox
• The evolution of Microsoft Threat Protection, November update
• New attack surface reduction rules in WDATP
• Use WDATP to Control USB & Other Removable Media Devices
• Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP
• WDATP Ends the Year with a Bang & a Bunch of New Feature Announcements
• Windows Defender ATP device risk score exposes new cyberattack, drives Conditional access to protect networks
• Discover and protect sensitive data through Azure Information Protection and Windows Defender ATP