In this week’s edition of Microsoft Security Saturday, we have a great article by CVP Ann Johnson on cyber resilience, a real-world example of Zero Trust being implemented at banks, and more new preview features that are now available.  Grab a cup of coffee/tea and take a few minutes to read through this week’s wrap-up.

Operational resilience begins with your commitment to and investment in cyber resilience

Operational resilience cannot be achieved without a true commitment to and investment in cyber resilience. Global organizations need to reach the state where their core operations and services won’t be disrupted by geopolitical or socioeconomic events, natural disasters, and cyber events if they are to weather such events.

Why banks are adopting a modern approach to cybersecurity—the Zero Trust model

Many banks today still rely on a “castle-and-moat” approach—also known as “perimeter security”—to protect data from malicious attacks. Like medieval castles protected by stone walls, moats, and gates, banks that use perimeter security invest heavily in fortifying their network perimeters with firewalls, proxy servers, honeypots, and other intrusion prevention tools. Perimeter security guards the entry and exit points to the network by verifying the data packets and identity of users that enter and leave the organization’s network, and then assumes that activity inside the hardened perimeter is relatively safe.

Overview of the Marsh-Microsoft 2019 Global Cyber Risk Perception survey results

Technology is dramatically transforming the global business environment, with continual advances in areas ranging from artificial intelligence (AI) and the Internet of Things (IoT) to data availability and blockchain. The speed at which digital technologies evolve and disrupt traditional business models keeps increasing. At the same time, cyber risks seem to evolve even faster—moving beyond data breaches and privacy concerns to sophisticated schemes that can disrupt entire businesses, industries, supply chains, and nations—costing the economy billions of dollars and affecting companies in every sector.

Maximizing your Identity Security Posture with Azure Advanced Threat Protection

A fact known to security teams worldwide is that most cyber-attacks leverage existing unpatched vulnerabilities (ever heard of BlueKeep?), and have taught us that often the most effective proactive security strategy for any organization is maintaining healthy security posture. If you haven’t done it already, patch your operating system while you read this!

Preparing towards Azure Sentinel’s GA

As we move closer to general availability (GA), you will see many changes in the Azure Sentinel. While true to the cloud, we release them as they are ready, the formal announcement will come with GA. This blog post lists some that may require your attention beforehand.

How you can use the AIP Unified Labeling client TODAY

We recently blogged about Unified Labeling and delivered a webcast explaining what it means to you. The Unified Labeling platform provides lots of benefits.  AIP Customers that enable Unified Labeling not only get the best features of a more modern platform for Information Protection, they also gain built-in support for Sensitivity Labels in Mac and Mobile platforms.

Unified labeling AIP scanner preview brings scaling out and more!

Since its release, the Azure Information Protection scanner has been adopted by many different types of customers. For example, some small businesses have deployed single scanners to address all their data at rest, others deployed a few machines in different locations or a few machines for the purpose of redundancy, while companies that needed to deal with petabytes of data may have deployed dozens of scanner instances, – such as internally at Microsoft, in which we deployed more than 40 scanners.

How to use PolyBase by authenticating via AAD pass-through

This blog highlights how to load and query using PolyBase by authenticating via Azure Active Directory (AAD) pass-through to Azure Data Lake Storage Gen2. AAD pass-through authentication with PolyBase is much more secure and compliant where you no longer need CONTROL permissions on the data warehouse to initiate a load.

7 apps you can build using the Microsoft Graph Security API!

Most modern organizations rely on a plethora of security solutions to execute defense-in-depth strategy. While these solutions are needed to cover all the gaps, they can add a lot of complexity via point integrations. The Microsoft Graph Security API offers simple ways to integrate with Microsoft and partner security products with a single interface and a unified schema.

Azure Firewall updates—September 2019

Azure Firewall is now ISO compliant—Azure Firewall is now Payment Card Industry (PCI), Service Organization Controls (SOC), and International Organization for Standardization (ISO) compliant. It currently supports SOC 1 Type 2, SOC 2 Type 2, SOC 3, PCI DSS, and ISO 27001, 27018, 20000-1, 22301, 9001, and 27017.

Updates to SharePoint security, administration, and migration

In Microsoft 365, we take security and compliance seriously, helping you manage security concerns in an ever-evolving technology world that’s constantly under threat.  Today at the SharePoint Conference we demonstrated that commitment with innovation to help you protect your identities and your information.

Azure Sentinel: Webinar Recordings

Search groups and members (preview) in Azure Active Directory

This article tells you how to search for members and owners of a group and how to use search filters as part of the groups improvement preview in the Azure Active Directory (Azure AD) portal. There are lots of improvements in the groups experiences to help you manage your groups, including members and owners, quickly and easily.