Podcasts about information protection

Stay ahead of evolving risks and mitigate vulnerabilities with Microsoft Purview Data Security Posture Management (DSPM). Gain prioritized visibility into data security risks, track unprotected sensitive information, and receive actionable insights. With built-in classifiers, automated risk assessments, and AI-powered capabilities like Security Copilot, you can identify and mitigate threats, ensuring a compliant data security environment. Talhah Mir, Microsoft Purview's Principal Group Product Manager, shows how to transform your data security strategy with automated, intelligent risk management and maintain continuous protection across your organization.   ► QUICK LINKS: 00:00 - Build and maintain a strong data security posture 01:25 - Start in Microsoft Purview Portal 02:14 - Microsoft Purview solutions 03:39 - Analytic reports 04:39 - Take action 05:30 - AI app-focused view 06:13 - View trends 06:59 - Add Security Copilot capabilities 09:37 - Wrap up   ► Link References Get started at https://aka.ms/DSPM   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

For Episode 8 of the Guardians of M365 Governance monthly webcast, Ragnar Heil (@ragnarh), Joy Apple (@JoyOfSharePoint) and I were sorry that our planned guest, Sharon Weaver, was unable to join us this month for health reasons, but we'll be sure to add her back into the schedule soon. While we did not get to hear Sharon's perspective as a Core Team member for the M365 Maturity Model community, we did discuss the maturity model and share some of our own thoughts and experiences. This episode focused on “Leveraging the M365 Maturity Model” to enhance governance, risk, and compliance (GRC) practices. As regulatory environments grow more complex, organizations must evolve from reactive compliance efforts to a proactive approach where GRC is integrated into daily operations and strategic decision-making. We explored how the M365 Maturity Model helps organizations assess their current GRC maturity, identify gaps, and build a more resilient framework that supports both compliance and business growth. We discussed how one size does NOT fit all, and that it is important to tailor your governance framework to fit the unique needs of your organization, ensuring that compliance efforts align with your specific industry requirements and business objectives. From there, organizations can strategically use Microsoft 365 tools like Compliance Manager, Information Protection, and eDiscovery, as well as 3rd party governance solutions to streamline their management efforts and enhance operational efficiency. We also discussed how leadership plays a vital role in driving maturity, fostering a culture where governance is seen as a strategic priority and accountability is embedded at all levels. Finally, we emphasized the need for continuous improvement and adaptation in practices. The M365 Maturity Model serves as a living framework that organizations can use to regularly assess and refine their governance efforts, staying ahead of emerging risks and maintaining compliance in an ever-changing regulatory landscape. And as I mentioned last month, I'd like to once again encourage our viewers to share their own governance war stories and engage with the community within the governance community page at https://www.facebook.com/groups/m365governance.

What is Azure Information Protection (AIP)? Azure Information Protection (AIP) is a cloud-based service by Microsoft designed to safeguard sensitive data through classification, labeling, and protection.  It integrates seamlessly with Office 365, allowing easy management and security of emails, documents, and files.  AIP offers features like encryption, rights management, and persistent protection to ensure data remains secure both within the organization and when shared externally. This solution enables businesses to control their data, adhere to regulatory requirements, and prevent breaches. By using AIP, organizations can enhance their security posture while efficiently preserving data integrity and confidentiality. What are the features of AIP? 1. Classification and Labeling: AIP enables users to categorize data according to its sensitivity and assign relevant labels. These labels determine access permissions, encryption needs, and usage guidelines, ensuring that data is managed in compliance with organizational and regulatory standards. 2. Compliance and Auditing: AIP aids organizations in fulfilling compliance mandates by offering comprehensive audit logs and reporting features. It facilitates the demonstration of adherence to regulations such as GDPR, HIPAA, and PCI DSS, which helps lower the likelihood of fines and penalties associated with data breaches. 3. Encryption and Rights Management: AIP utilizes encryption techniques to protect data, limiting access exclusively to authorized users. Additionally, it integrates rights management functionalities, allowing control over activities like viewing, editing, copying, forwarding, and even post-data-sharing. 4. Integration with Office 365: AIP integrates smoothly with Office 365 applications, enabling users to classify and safeguard emails, documents, and files directly from familiar interfaces. This integration streamlines the data security process, encouraging user adoption and facilitating compliance efforts. 5. Continuous Protection Across Platforms: AIP is unique in its ability to protect data regardless of location. Whether accessed from a corporate network, a mobile device, or a third-party application, AIP guarantees that sensitive information remains secure. View More: What is Azure Information Protection (AIP)?

Ilona Khmeleva is an International lawyer, expert in the field of international relations, leads the Economic Security Council of Ukraine. She is also a Lead of the Socio-Political and International Advocacy Cluster at East Europe Foundation. Member of the Ukrainian Association of International Law. Author of online courses of the Educational Center of the Verkhovna Rada of Ukraine. Worked on the approaches to the international legal responsibility of the Russian Federation at the University of Toronto. Author of the study on the correlations between cyber-attacks and other dimensions of aggression, prepared by the Economic Security Council of Ukraine together with the State Service for Special Communications and Information Protection of Ukraine and the Strategic Communications Department of the Office of the Commander-in-Chief of the Armed Forces of Ukraine. Gave lectures at the Institute of International Relations of Taras Shevchenko National University of Kyiv. Author of many publications, including for the United States Military Academy (Lieber Institute for Law & Land Warfare at West Point).

Locate, understand and protect sensitive information, both structured and unstructured, across your entire data estate at scale with Microsoft Purview. Keep data secure, whether it resides in Microsoft 365, Azure, non-Microsoft clouds, SaaS services and even on-premises in your data center. Data classifications and protections defined with Microsoft Purview persist in-place, without having to migrate your data into the Microsoft cloud. Over time, Microsoft Purview derives insights into your protection posture and trends to help prioritize locations where data in your organization might be exposed to risk. You can access data security, governance, and compliance from one place, and under information protection, find proactive recommendations and valuable insights to keep data secure.  Shilpa Ranganathan, Principal Product Manager, Microsoft Purview shares how policies put in place with Microsoft Purview will protect data wherever it is, even as you work with it using native tools in different clouds.   ► QUICK LINKS: 00:00 - Microsoft Purview, a unified solution to keep data secure 01:27 - Access experience: Data Engineer vs. External Vendor 04:32 - Define and apply classification labels 06:21 - How to implement user-specific access 08:18 - Wrap up   ► Link References Get started at https://aka.ms/MicrosoftPurviewDocs    ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics    

Lanseringen av Microsoft 365 Copilot står inför dörren. Vi tog ett prat med Anders Olsson från Onevinn om hur man gör sig redo för att användandet av Copilot ska fungera så bra som möjligt och så säkert som möjligt. Vi kommer in på ämnen som Purview Data Governance, Information Protection, Data Loss Prevention och mycket annat.Learning pathhttps://learn.microsoft.com/en-us/training/paths/prepare-your-organization-microsoft-365-copilot/Anders artikel om hur man säkrar upp MIcrosoft 365 Copilothttps://itsakerhetsguiden.se/2023/09/24/secure-your-microsoft-365-copilot-journey/ Hosted on Acast. See acast.com/privacy for more information.

In this episode, we talk about the SC-400 certification exam. We take you through the requirements, the content, the learning material and the actual exam. Also, Tobi asks Jussi an unexpected question.(00:00) - Intro and catching up.(03:31) - Community highlights.(05:42) - Show content starts.Community Highlights- Liam Cleary: How Microsoft Purview helps keep you compliant- Scott Hanselman: GitHub Copilot for CLI for PowerShell- Greg Beaumont: Azure OpenAI ChatGPT Solves Cryptic Error Codes from Power BI, SQL Server, Power Apps, and more!- Graeme Bray: Reporting on Azure AD Password ProtectionShow links- SC-400 study guide- SC-400 learning path: Part 1, Part 2, Part 3- SC-400 labs- Practice Assessments for Microsoft Certifications | Microsoft LearnSPONSORThis episode is sponsored by Sovelto. Stay ahead of the game and advance your career with continuous learning opportunities for Azure Cloud professionals. Sovelto Eduhouse – Learning as a Lifestyle - Start Your Journey now: https://www.eduhouse.fi/cloudpro

Did you remember to reply to this email? This one. The one at the top of your Inbox. No? You're welcome. Outlook mobile will soon remind you to reply to messages that appear to need a reply. Also Topics will get it's own app soon in Teams. This will be handy for the topics you contribute knowledge to, or if you are a Knowledge Manager.  Darrell and Daniel cover:   - Reminder: Uploading content to Stream (Classic) to be blocked   - Graph Connector Content Results Experience Switches to Results Inline in All Vertical   - Viva Topics app in Teams   - Microsoft Syntex: Prebuilt model for contracts   - Message Reminders in Outlook for iOS and Android   - Microsoft Purview compliance portal: Optical character recognition in Information Protection and Data Loss Prevention   Join Daniel Glenn and Darrell as a Service Webster as they cover the latest messages in the Microsoft 365 Message Center.  Follow us!   Twitter - Facebook - LinkedIn  Check out Daniel and Darrell's own YouTube channels at:  Daniel - https://youtube.com/DanielGlenn  Darrell - https://youtube.com/modernworkmentor   

Detect data loss, exfiltration, and data theft with intelligent automation solutions in Microsoft Purview. Data lives across apps, databases, and in file sharing locations inside and outside your infrastructure. It can be stored on devices and removable media, and it travels with each interaction. Secure data with a scalable and automated approach— discover and understand the growing volume of sensitive data, apply protections that follow data wherever it lives or travels, take preventative action when there's a risk of data loss, and elevate or lower data protections based on individual users to balance productivity with data security. Information Protection, Data Loss Prevention, and Insider Risk Management provide a unified platform in Microsoft Purview for intelligent, automated data protection. ► QUICK LINKS: 00:00 - Introduction 00:45 - Intelligent data security 01:29 - Information Protection 01:53 - Data Loss Prevention 02:22 - Insider Risk Management 03:00 - Example of information protection 03:55 - Wrap up ► Link References: Watch our series on Microsoft Purview at https://aka.ms/DataSecurityMechanics ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

Discover, classify, and protect sensitive information automatically, wherever it lives or travels with Microsoft Purview Information Protection. Built-in protections follow documents on mobile, in the browser, or as you coauthor them, with no add-ins required. Policy tips keep end users compliant without compromising productivity. Tony Themelis, Principal Program Manager for Microsoft Information Protection, shows how to automate and enforce classifications through administrative controls, create labels, and put policies in place with Microsoft Purview Information Protection. ► QUICK LINKS: 00:00 - Introduction 01:10 - Built-in data classification 02:23 - Universal classification engine 03:23 - Admin controls 05:07 - Trainable classifiers 06:38 - How to configure labels 07:56 - Label policies 08:45 - Auto-labeling 09:55 - Wrap up ► Link References: For more information, check out https://aka.ms/InformationProtectionDocs Watch our Microsoft Purview series at https://aka.ms/DataSecurityMechanics ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

Maithili Dandige, Partner Group Product Manager at Microsoft, joins Erica Toelle and guest host Shilpa Bothra on this week's episode of Uncovering Hidden Risks. Maithili's team is behind Microsoft Purview products such as Information Protection, Data Loss Prevention, Data Lifecycle Management, Records Management, eDiscovery, and Audit. Maithili discusses Data Loss Prevention, some recent DLP research, and what's upcoming in this space.     In This Episode You Will Learn:       The journey of DLP solutions and where the market is today  What customers should be expecting from DLP solution providers  The benefits of adopting a cloud-native solution    Some Questions We Ask:      What do you see as the future of DLP space?   How can you empower your users to make the right data-handling decisions?    What trends do you currently see evolving?     Resources:     View Maithili Dandige on LinkedIn  View Shilpa Bothra on LinkedIn  View Erica Toelle on LinkedIn    Related Microsoft Podcasts:            Listen to: Afternoon Cyber Tea with Ann Johnson    Listen to: Security Unlocked       Listen to: Security Unlocked: CISO Series with Bret Arsenault        Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Uncovering Hidden Risks is produced by Microsoft and distributed as part of The CyberWire Network.  

Deze aflevering hebben we het over; ChatGPT in Azure OpenAI, ondersteuning van Microsoft Purview Information Protection in Acrobat, Azure vaulted backup en een hele handige toevoeging aan meeting recordings in Teams. --------- Presentatie: Barbara Forbes & Jos van Schouten Productie / edit: Ron van der Zijden Powered by OGD ict-diensten ogd.nl Benieuwd naar werken bij OGD? werkenbij.ogd.nl --------- ChatGPT in Azure GA: https://azure.microsoft.com/en-us/blog/chatgpt-is-now-available-in-azure-openai-service/ Purview in adobe acrobat https://www.microsoft.com/en-us/security/blog/2023/03/07/get-integrated-microsoft-purview-information-protection-in-adobe-acrobat-now-available/ Azure vaulted backup voor storage account blob + files: https://azure.microsoft.com/en-us/updates/azureblobvaultedbackups/ Microsoft Teams - Explicit Recording Consent for Teams Meetings: https://www.microsoft.com/nl-nl/microsoft-365/roadmap?rtc=1&searchterms=107781&filters=&searchterms=107781 https://m365admin.handsontek.net/microsoft-teams-explicit-recording-consent-for-teams-meetings-2/

War-floating. A phishing campaign pursues Ukrainian and Polish targets. Pakistan's navy is under cyberattack. A new criminal threat-actor uses screenshots for recon. ESXiArgs is widespread, but its effects are still being assessed. The UK and US issue joint sanctions against Russian ransomware operators. Robert M. Lee from Dragos addresses attacks to electrical substations. Our guest is Denny LeCompte from Portnox discussing IoT security segmentation strategies. And is LockBit next on law enforcement's wanted list? For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/27 Selected reading. Chinese Balloon Had Tools to Collect Communications Signals, U.S. Says (New York Times)  UAC-0114 Campaign Targeting Ukrainian and Polish Gov Entitities (The State Cyber Protection Centre of the State Service of Special Communication and Information Protection of Ukraine) NewsPenguin, a Previously Unknown Threat Actor, Targets Pakistan with Advanced Espionage Tool (BlackBerry) Screentime: Sometimes It Feels Like Somebody's Watching Me (Proofpoint) Florida state court system, US, EU universities hit by ransomware outbreak (Reuters). No evidence global ransomware hack was by state entity, Italy says (Reuters) Ransomware campaign stirs worry despite uncertain impact (Washington Post) VMware Security Response Center (vSRC) Response to 'ESXiArgs' Ransomware Attacks (VMware Security Blog) CISA and FBI Release ESXiArgs Ransomware Recovery Guidance (CISA) United States and United Kingdom Sanction Members of Russia-Based Trickbot Cybercrime Gang (U.S. Department of the Treasury) Ransomware criminals sanctioned in joint UK/US crackdown on international cyber crime (National Crime Agency)

Cisco patches a command injection vulnerability. NIST issues antiphishing guidance. HeadCrab malware's worldwide distribution campaign. The Gamaredon APT is more interested in collection than destruction. Kathleen Smith of ClearedJobs.Net looks at hiring trends in the cleared community. Bennett from Signifyd describes the fraud ring that's launched a war on commerce against U.S. merchants. And trends in cyberattacks by state-sponsored actors. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/22 Selected reading. Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover (Dark Reading) Phishing Resistance – Protecting the Keys to Your Kingdom (NIST)  OneNote Documents Increasingly Used to Deliver Malware | Proofpoint UK (Proofpoint) HeadCrab: A Novel State-of-the-Art Redis Malware in a Global Campaign (Aquasec)  Another UAC-0010 Story (The State Cyber Protection Centre of the State Service of Special Communication and Information Protection of Ukraine) Russia-backed hacker group Gamaredon attacking Ukraine with info-stealing malware (The Record from Recorded Future News) City of London traders hit by Russia-linked cyber attack (The Telegraph) ChristianaCare recovers from cyberattack, restores website service (6abc Philadelphia)  Nation-State Threats and the Rise of Cyber Mercenaries: Exploring the Microsoft Digital Defense Report (CSO Online) Microsoft Digital Defense Report 2022 (Microsoft Security)

Ideally and preferably, your cybersecurity program should follow established policies, standards, and procedures. These documents will govern all organization members, including staff, vendors, volunteers, and anyone working on the organization's behalf.The first step towards information protection is to develop and maintain a baseline configuration for IT and OT systems if this applies to your organization that incorporates appropriate cybersecurity principles, such as least privilege. The baseline configurations are documented, formally reviewed, and agreed-upon sets of specifications for IT systems or configuration items within those systems. It serves as the basis for all future changes to the systems, and it is considered the stable version of any system. However, changes will occur over time, so a method is imperative to manage system changes. This task is part of a much larger discipline known as configuration management. Configuration management addresses the methods for controlling asset changes throughout the assets' lifecycle. There are three roles your organization should consider in the change management process:Configuration managerBaseline managerVerification managerOnce your organization establishes good baseline practices, the challenge is to keep track of all the changes required for the business; therefore, I suggest using a standard exception process to document the exceptions to the baseline while calculating the risk and requiring sign-offs. ========*** FREE GUIDE ***https://www.execcybered.com/asset-managementBlog: https://www.execcybered.com/blogTraining: https://www.execcybered.com/iso27001foundationcourseLinkedin: https://www.linkedin.com/company/exceccybered/Twitter: https://twitter.com/DrBillSouzaInstagram: https://www.instagram.com/drbillsouza/Youtube: https://bit.ly/3BGOtPAThanks.Dr. Bill SouzaCEO | Founderwww.execcybered.com

Ideally and preferably, your cybersecurity program should follow established policies, standards, and procedures. These documents will govern all organization members, including staff, vendors, volunteers, and anyone working on the organization's behalf.The first step towards information protection is to develop and maintain a baseline configuration for IT and OT systems if this applies to your organization that incorporates appropriate cybersecurity principles, such as least privilege. The baseline configurations are documented, formally reviewed, and agreed-upon sets of specifications for IT systems or configuration items within those systems. It serves as the basis for all future changes to the systems, and it is considered the stable version of any system. However, changes will occur over time, so a method is imperative to manage system changes. This task is part of a much larger discipline known as configuration management. Configuration management addresses the methods for controlling asset changes throughout the assets' lifecycle. There are three roles your organization should consider in the change management process:Configuration managerBaseline managerVerification managerOnce your organization establishes good baseline practices, the challenge is to keep track of all the changes required for the business; therefore, I suggest using a standard exception process to document the exceptions to the baseline while calculating the risk and requiring sign-offs. ========*** FREE GUIDE ***https://www.execcybered.com/asset-managementBlog: https://www.execcybered.com/blogTraining: https://www.execcybered.com/iso27001foundationcourseLinkedin: https://www.linkedin.com/company/exceccybered/Twitter: https://twitter.com/DrBillSouzaInstagram: https://www.instagram.com/drbillsouza/Youtube: https://bit.ly/3BGOtPAThanks.Dr. Bill SouzaCEO | Founderwww.execcybered.com

There's no sign that cyberattacks affected US vote counts. NATO meets to discuss the Atlantic Alliance's Cyber Defense Pledge. A new APT41 subgroup has been identified. FSB phishing impersonates Ukraine's SSCIP. A look at Cozy Bear's use of credential roaming. Caleb Barlow shares tips on removing implicit bias from your hiring process. Our guests are Valerie Abend and Lisa O'Connor from Accenture with a look at the difference in how women and men pursue the top cyber leadership roles. And an update on Phishing trends and API threats. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/217 Selected reading. Statement from CISA Director Easterly on the Security of the 2022 Elections (Cybersecurity and Infrastructure Security Agency): No ‘Specific or Credible' Cyber Threats Affected Integrity of Midterms, CISA Says (Nextgov.com) U.S. vote counting unaffected by cyberattacks, officials say (PBS NewsHour)  What's 'Putin's chef' cooking up with talk on US meddling? (AP NEWS) NATO's 2022 Cyber Defense Pledge Conference - United States Department of State (United States Department of State) Japan joins NATO cyber defense centre (Telecoms Tech News) China casts wary eye as Japan signs up for Nato cybersecurity platform (South China Morning Post)  Hack the Real Box: APT41's New Subgroup Earth Longzhi (Trend Micro) New hacking group uses custom 'Symatic' Cobalt Strike loaders (BleepingComputer) They See Me Roaming: Following APT29 by Taking a Deeper Look at Windows Credential Roaming (Mandiant) APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network (The Hacker News) CAUTION‼️ russian hackers are sending emails with malicious links from the SSSCIP (State Service of Special Communications and Information Protection of Ukraine)  Russian hackers send out emails under the name of Ukraine's State Service of Special Communications and Information Protection (Yahoo) Research Report | The State of Email Security 2022 (Tessian)  DevOps Tools & Infrastructure Under Attack (Wallarm)

Episode Notes Alan and Sam discuss how Microsoft Purview Information Protection can help label, classify and protect your data in Office 365 . Alan takes the role of the 'Expert' and explains how you can easily start labelling document, as well as encrypt them to protect data leaving your organisation. What did you think of the episode? https://pinecast.com/feedback/lets-talk-azure/9d0739ba-285f-4fd4-b2d9-5cdc47dfbab1

An information security program is the philosophy and group of practices that companies implement to protect essential business processes, data and assets.  Building out an effective program not only helps protect key aspects of your business, but also helps to define internal policies and procedures for assessing risk and mitigating future attacks.  In this episode of the EM360 Podcast, Editor Matt Harris speaks to Carl Leonard, Cybersecurity Strategist for EMEA at Proofpoint, to discuss: Data loss and insider threats Overcoming challenges before embarking on information protection projects Dispelling DLP myths

Iranian APT data extraction tool described. LockBit gang comes under DDoS. Twitter whistleblower security claims made public. Poland and Ukraine conclude cybersecurity agreement. Greek national natural gas supplier under criminal cyberattack. Update to the Joint Alert on Zimbra exploitation. Addition to CISA's Known Exploited Vulnerabilities Catalog. Johannes Ullrich from SANS on Control Plane vs. Data Plane vulnerabilities. Our guest is David Nosibor, Platform Solutions Lead for UL to discuss SafeCyber Phase II. And, finally, targeting and trolling, with an excursus on Speedos. Really. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/159 Selected reading. New Iranian APT data extraction tool (Google) LockBit gang hit by DDoS attack after Entrust leaks (Register)  Former security chief claims Twitter buried ‘egregious deficiencies' (Washington Post)  Ex-Twitter exec blows the whistle, alleging reckless and negligent cybersecurity policies (CNN)  Twitter's Ex-Security Head Files Whistleblower Complaint (Wall Street Journal) Deception, Bots, and Foreign Agents: The Twitter Whistleblower's Biggest Allegations (Time) The Ministry of Digital Transformation, State Service of Special Communication and Information Protection and the Council of Ministers of the Republic of Poland signed Memorandum of understanding in the cybersecurity field. (State Service of Special Communication and Information Protection)  Greek natural gas operator suffers ransomware-related data breach (BleepingComputer)  Greek gas operator refuses to negotiate with ransomware group after attack (The Record by Recorded Future) Announcement | (DESF) Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite (CISA)  US government really hopes you've patched your Zimbra server (Register) CISA Adds One Known Exploited Vulnerabilities to Catalog (CISA)  Speedo-wearing Russian tourists leak defence secrets on Twitter (The Telegraph)

The Forum of Incident Response and Security Teams (FIRST) took place for the time in Ireland. FIRST's 34th Annual Conference, entitled ‘Neart Le Chéile: Strength Together' took place in the Convention Centre, Dublin, from June 26 to July 1, 2022. One of the speakers was a team from Ukraine, Victor Zhora (The State Service of Special Communications and Information Protection of Ukraine, UA), Yevheniia Volivnyk, Yevhen Bryksin (CERT-UA (SCPC SSSCIP), UA). Ronan talks to the team about their FIRST talk and more. They talk about their experience of cyberwar in the Ukraine, the new challenges Ukraine faces in cyberspace, their talk at FIRST, and the worst cyber attacks Ukraine has faced. They also talk about If the cyber attacks have stayed the same, what we can learn from the cybersecurity attacks on Ukraine, how social media has helped, and why communication is so important. More about FIRST: The Forum of Incident Response and Security Teams (FIRST) is an international not-for-profit organisation bringing together a variety of security and incident response teams. Today, FIRST is comprised of over 600 member teams from over 90 countries representing government agencies, academia, commercial enterprises, and financial corporations. FIRST is a front-line enabler in the global response community, providing access to the best practices, tools, and trusted communication with its member teams.

Privacy & Compliance expert from Microsoft, Ingrid Rodriguez, joins hosts Jerich Beason& Whitney McCollum to discuss taking risk out of silos. They talk about how the entire organization needs to have understanding of the enterprise risks.  Specifically, how does security & compliance fit into the enterprise risk framework?  What are the situational perspectives of the C-Suite and how can those perspectives drive compliance goals?  How can the CISO and legal work together and with the enterprise for compliance? They will also talk about risk appetite, the tolerance of risk by leadership, and aligning acceptance of risks with business goals.  How much and how often should you communicate risks and mitigation strategy?  Note: “The statements of the guest speakers and hosts in this podcast should not be construed as legal advice.  They represent their views only and not those of Epiq or their respective employers.”BIOGRAPHYIngrid is an Advanced Compliance Global Black Belt with Microsoft Security Solutions Area supporting the South, Southeast of the US, and LATAM regions. In her role, Ingrid shares her enterprising multinational information and security risk management executive experience, to help customers strategize within their Risk and Compliance obligations leveraging our solutions in Compliance, Information Protection, Privacy Management, and Insider Threat management capabilities. During her 18 years tenure in IT Risk & Compliance Leadership, Ingrid designed for an innovative Global Technology Risk Management Framework, as well as a vision for tactical implementation of technology and security controls by combining a variety of data security standards such as: NIST, ISO, PCI, HIPAA, FFIEC, GDPR, to mention a few. Ingrid designed and built the first Global Technology Risk Management programs in most of her previous employers. She lead, supported and guided over 45 countries to meet US and country-level compliance and privacy needs and well as Global Standards.  Ingrid is from Puerto Rico, based in Dallas, TX but soon relocating to beautiful Pensacola, FL. She is a frequent speaker on Risk Management and Compliance topics, in both languages English and Spanish, in many global, national and regional events including ISACA, Microsoft Executive Briefing Center, Fintech, Partners and many other associations and affiliations within the Privacy, Risk and Compliance industry in the US and LATAM.  Ingrid received a Bachelor's Degree in Computer Engineering from the University of Puerto Rico, and also holds a Master's Degree in Sciences, Computer Sciences from the University of Phoenix. She holds various industry certifications, including CRISC, CDPSE, ITIL among others. LinkedIn: https://www.linkedin.com/in/inrodz/ Find us on LinkedIn, Twitter, Facebook, and Instagram or email us at cyberside@epiqglobal.com.

In 2022, is there any investigation that will not benefit from digital evidence collection? Our guest this week, Robert Fried, is a digital forensics expert who discusses the answer to this question with Leah in addition to other digital evidence collection questions.Robert Fried is a seasoned expert and industry thought leader with over 20 years of experience in data collection and forensic investigations. As Senior Vice President and Global Head of Sandline's Forensics and Investigations practice, he leads day-to-day operations and oversees the forensic services offered to clients, including data collection, forensic analysis, expert testimony, and forensic consultation. Previously, he has held senior-level positions in digital forensic practices at global professional services firms and worked as a computer crime specialist at the National White Collar Crime Center. He has developed and instructed computer forensics and investigative training courses for federal, state, and local law enforcement agencies.Robert holds a BS and MS in Forensic Science and certificates in Law Enforcement Science, Computer Forensic Investigation, and Information Protection and Security from the University of New Haven. He serves on the Board of Advisors for the Master's in Investigations program at the University of New Haven and the Global Advisory Board for EC-Council's Computer Hacking Forensic Investigator (C|HFI) certification. Robert is a licensed professional investigator in Michigan and a licensed private investigator in New York. He is a frequent speaker at industry events, has been a guest on industry podcasts, and has been published in several professional publications. He has also authored the book Forensic Data Collections 2.0: The Guide for Defensible & Efficient Processes and contributes to PI Magazine, where he created the CyberSleuthing department and shares insightful content on topics relating to digital forensics, eDiscovery, data privacy, and cybersecurity. RESOURCES MENTIONED IN TODAY'S EPISODEOrder Robert's new book Forensic Data Collections 2.0: The Guide for Defensible & Efficient Processes on Amazon.CONNECT WITH GUEST: ROBERT FRIEDLinkedIn: @RobertFriedWebsite: www.forensicsbook.comCONNECT WITH WORKMAN FORENSICSYoutube: @WorkmanForensicsFacebook: @wforensicsTwitter: @wforensicsInstagram: @wforensicsLinkedIn: @workmanforensicsSubscribe and listen to this and more episodes of The Investigation Game on Apple Podcasts, Android, or anywhere you listen.

#49 This week on Digitally Transformed, host Melissa sits down with Mike Miller, Senior Engineer at Infused Innovations to discuss the importance of Azure Information Protection (AIP) and why you need it. For more information, visit: http://azure.com/aip. Learn how to classify, label, and protect your data using Azure Information Protection.

In this show, Shabaz Darr and Viktor Hedberg join Ru and Pete to catch up about... • The SC-400 Microsoft Information Protection Administrator exam • Their new new book on the exam • Microsoft Information Protection - the benefits, cool stuff, and general advice • The most common Microsoft security problems Viktor sees in his work • Shabaz's work on the Azure VMware Solution Zero to Hero Series Connect with Shabaz online: Twitter: https://twitter.com/ShabazDarr LinkedIn: https://www.linkedin.com/in/shabaz-darr-900b8361/ Connect with Viktor online: Twitter: https://twitter.com/headburgh LinkedIn: https://www.linkedin.com/in/viktor-hedberg/ Buy their SC-400 exam guide book! UK: https://www.amazon.co.uk/dp/1801811490 USA: https://www.amazon.com/dp/1801811490 Follow us on Twitter: Azure: https://twitter.com/amac_ncheese Kat: https://twitter.com/GreenanKat Pete: https://twitter.com/M365Rising Ru: https://twitter.com/rucam365 The show: https://twitter.com/CloudCons365 Connect with us on LinkedIn: Azure: https://www.linkedin.com/in/azuremcfarlane Kat: https://www.linkedin.com/in/kat-greenan-ba212a18 Pete: https://www.linkedin.com/in/peterrising Ru: https://www.linkedin.com/in/rlcam Check out our blogs: Kat: https://collabwithkat.com Pete: https://www.peterrising.co.uk Ru: https://campbell.scot Buy Pete's books! MS-500 Exam Guide (UK): https://www.amazon.co.uk/dp/1838983120 MS-700 Exam Guide (UK): https://www.amazon.co.uk/dp/1801071004MS-500 Exam Guide (USA): https://www.amazon.com/dp/1838983120MS-700 Exam Guide (USA): https://www.amazon.com/dp/1801071004

Ukraine has long been known as a "live fire" environment in cybersecurity circles, but with Russian aggression intensifying there are concerns that cyberattacks may signal the beginning of a broader conflict following a string of attacks in the last week that targeted Ukrainian government and private sector websites.  The United States Department of Homeland Security has also warned that Russia may target "US networks—from low-level denials-of-service to destructive attacks targeting critical infrastructure," in retaliation for perceived threats against it, though the threshold for such action is believed to be high. To learn more about cyber threats against Ukraine and how the country is preparing for it, Tech Policy Press spoke with Viktor Zhora, Deputy Head of the State Service for Special Communication and Information Protection of Ukraine, who is responsible for digital transformation and cybersecurity.

Road to Drill Podcast: Episode 25 Host: SSgt. Drew Schumann, from the 127th Wing Public Affairs office, Selfridge Air National Guard Base, Michigan TRT: 14:39 Topics: 127th Wing Commander Monthly Address, , Traffic Concerns, Around the Air Force News, COVID-19 Update, Information Protection, Drill Events, Air Force Association Breakfast, and more. If you have any questions or comments you would like addressed in this Podcast, please email us at RoadtoDrill@gmail.com, or message on Facebook at www.facebook.com/127thWing #TeamSelfridge #MichiganNationalGuard #AirNationalGuard

The new Personal Information Protection Law has already entered into effect from Nov 1st, 2021. With personal information data increasingly a hot button topic globally amid cybersecurity investigations into popular apps' illegal collection and use of users' personal information, all eyes are fixed on this new Law which will govern the personal data of China's 989 million internet users. Let's discuss it today. Website: https://www.carlodandrea.it Twitter: https://twitter.com/DAndreaCarloD Amazon: https://www.amazon.com/s?k=Carlo+Diego+d%27andrea&ref=nb_sb_noss

What does Data Loss Prevention look like in an increasingly remote world? Is the entire concept of DLP flawed? And at the end of the day, whose responsibility is DLP? DLP is a complex and complicated topic that is crucial for any business to fully understand. After all, you're protecting your most valuable assets, your intellectual property. On this episode of Protecting People, host Brian Reed sits down for a conversation with Cosmo Romero, Sr. Sales Engineer at Proofpoint, for a conversation all about DLP, incident response, and more. Join us as we discuss: What a modern information protection offering actually looks like Why DLP is a business issue, not a technology issue How to transition away from a legacy DLP mindset Why DLP as an acronym and concept may not make much sense in 2021   Resources mentioned during the interview: Gartner - It's Time to Redefine Data Loss Prevention   For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player.

Worried about data breaches, identity theft and your private information getting in the hands of wrong people? China has a new law combating these complications. / Is the living room a disappearing concept? / Children's discount tickets will base on age, instead of height.

This episode takes a look at The China Personal Information Protection Laws and what this means for businesses. With Anna Gamvros and Lianying Wang, lawyers from Norton Rose Fulbright.For more details on China's data and privacy laws, please visit https://www.nortonrosefulbright.com/en-hk/services/172fd60c/information-governance-privacy-and-cybersecurityAnna is a data and technology lawyer, and heads the firm's Data Protection, Privacy and Cybersecurity practice for Asia Pacific. Anna's practice focuses on technology agreements and outsourcing transactions; privacy and data protection; cybersecurity and breach response; telecommunications and Internet regulatory issues.She has nearly 20 years of experience in Hong Kong, and has assisted clients with Hong Kong and China based projects. As a result, Anna has a wealth of experience in advising clients on high-value technology transactions and outsourcing deals, and multi-jurisdictional projects, particularly focused on data management.Lianying Wang is a corporate lawyer based in Beijing. He focuses on foreign direct investment, joint ventures, mergers and acquisitions and other general corporate and commercial matters in and involving China.Lianying has also increasingly been advising multinational companies on data protection and privacy issues in China, helping clients navigate China's complex data protection and privacy landscape.

How is an insider threat incident response like a murder investigation? You start with motive, then leverage investigative tools and knowledge of people to unearth a trail of mistakes. (Yes, it's actually quite exciting!) In this episode, series host Sai Chavali speaks with fellow Protecting People host Brian Reed, Cybersecurity Evangelist at Proofpoint, about insider threat cases and what makes a successful incident response. Join us as we discuss: The three buckets of insider threats Specific insider threat cases every investigator should study Asking “who, what, why, and when” to protect against insider threats How incident response can be like a murder investigation Check out these resources we mentioned: Report mentioned at [5:47] 2020 Cost of Insider Threats: Global Report  Proofpoint blog post mentioned at [8:19] The Top 10 Biggest and Boldest Insider Threat Incidents, 2020-2021  For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player.

In this episode, we discuss why China has passed the Personal Information Protection Law (PIPL), how it differs from the EU's GDPR, and how companies can process employees' personal information. Subscribe to our podcast today to stay up to date on employment issues from law experts worldwide.Moderator: Cynthia Chung (Deacons / Hong Kong)Guest Speaker: Jane Lu (JunHe / China)

China's congress recently passed the Personal Information Protection Law, a piece of legislation that will significantly impact how foreign and Chinese companies collect, use, and transfer personal information. To get a rundown of what companies need to know about the law and its implementation, we're on the line with Hannah Feldshuh, a business advisory services […]

How the new legislation will protect the public's private data; pork giant gets hamstrung by family feud; and gambling stocks soar after Macau eases Covid restrictions SPECIAL OFFER To enjoy 7-day complimentary access to caixinglobal.com and the English Caixin app visit this link: https://www.caixinglobal.com/institutional-activity/?code=J3XVJC

What is it that we didn't know that we should have known? Many incident response plans miss this crucial question, but it's absolutely foundational to learning how you can prevent the incident from happening again. In this episode, we talk with Matt Stamper, CISO at EVOTEK, about the most important elements of an incident response plan and why security awareness has the largest return from a threat mitigation perspective. What we talked about: - Getting started with incident response - Untangling conflicting priorities in the process - Widening the circle of concern with regard to insider threats - Investing in security awareness Check out these resources we mentioned during the podcast: - TheHLayer.com - CISO Desk Reference Guide: A Practical Guide for CISOs (Vol. 1) - CISO Desk Reference Guide: A Practical Guide for CISOs (Vol. 2) For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for P rotecting People in your favorite podcast player. Listening on a desktop & can't see the links? Just search for Protecting People in your favorite podcast player.

This week, Rachel O'Shea, a Senior Technical Specialist in Compliance at Microsoft, join Adam and Andy to talk about information protection and governance. Rachel has a wealth of experience in compliance and she talks about some of the tools within Microsoft's suite to help protect information as well as tips to get started and continuous re-evaluation of your compliance program. ---------------------------------------------- Youtube Video Link: https://youtu.be/vet3BKiKEQQ ---------------------------------------------- Documentation: Rachel O'Shea:https://www.linkedin.com/in/racheloshea/ Microsoft Compliance Center: https://docs.microsoft.com/en-us/microsoft-365/compliance/microsoft-365-compliance-center?view=o365-worldwide Microsoft Information Protection: https://docs.microsoft.com/en-us/microsoft-365/compliance/information-protection?view=o365-worldwide ---------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod ---------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ---------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com --- Send in a voice message: https://anchor.fm/blue-security-podcast/message

Proofpoint has concluded 3 of their 2021 conferences: Wisdom, Protect, & Protect EMEA with great success; highlighting their guest speakers and information protection—the show takes a behind-the-scenes look at the action. Tim Choi, Vice President Product Marketing at Proofpoint, joins the show to discuss the Proofpoint conferences. What we talked about: - The Structure of the Protect, Protect EMEA, & Wisdom Conferences - Discussing the Conference Panel Participants - COVID-19 and the Information Protection Transformation - Security Awareness Training within an Organization Check out these resources we mentioned during the podcast: - Protect Conference 2021 - Day 1 Recap - Protect Conference 2021 - Day 2 Recap - Wisdom Recap To hear more interviews like this one, subscribe to the Protecting People Podcast on Apple Podcasts, Spotify, or your preferred podcast platform.

This week we are joined by the M365 Princess, independent Microsoft consultant, queen of stickers and open sourceress - Luise Freese! We talk about the latest news including our thoughts on Windows 11 and the associated Teams updates, get impressed by Vesku Nopanen rocking the HoloLens2 and discuss why printers are bad.Windows 11Summary - Upgrade to the New Windows 11 OS | Microsoft and Microsoft: Windows 11 is a better fit than Windows 10 for this hybrid world | ZDNetUI Changes - Here are the UI changes Microsoft showed off in Windows 11 - The VergeTPM issues - https://www.zdnet.com/article/will-your-pc-run-windows-11-even-microsoft-cant-say-for-sure/ and Why Windows 11 is forcing everyone to use TPM chips - The VergeNo IE!!! Windows 11 is deleting Internet Explorer - The VergeTeams enhancements - https://twitter.com/rishmsft/status/1408084132786151427?s=20Support for multiple accounts!!!!Vesa Nopnanen using Teams with HoloLens Microsoft HoloLens 2 – experiencing the future today – Vesa Nopanen – My Teams & Microsoft 365 Day (myteamsday.com)Developer newsGithub Project Planning GitHub Issues · Project planning for developersConnected account tooltip for PnP PowerShell Connected Account tooltip in PowerShell | PnP SamplesViva and SearchViva Connections dev model being open in SPFX v1.13 https://twitter.com/vesajuvonen/status/1408013967289688070?s=20 Viva Topics auto highlighted in SharePoint today https://twitter.com/resing/status/1407899914969878529?s=20Announcing developer preview of the Microsoft Federated Search Platform - Microsoft Tech Community Security and complianceWhat's New in Information Protection? - Microsoft Tech CommunityGA: Mandatory LabellingPP: Co-authoring and autosave for protected documentsGA: Dynamic marking Ministry of Defence 'sorry' after secret papers left at bus stop - BBC NewsGA: Track and RevokeEventsKevin on MVPBuzz with Christian Buckley  - #MVPbuzzChat with Kevin McDonnell – buckleyPLANETM365 Security & Compliance User Group – Wed 30 JuneJune 2021 | Meetup

UK companies operating in China are beholden to an increasing number of cybersecurity regulations. These influence a raft of business activities, including the ease with which a Chinese subsidiary of a multinational company can share customer or R&D data with other parts of the business; how businesses store data; and how corporate entities interact with the emerging Social Credit System. In this episode, Joe Cash talks to Torsten Weller about two new regulations making their way into law that are bound to add to the compliance burden of companies needing to move data to and from China, the Personal Information Protection Law (PIPL) and the Data Security Law (DSL). How similar is the PIPL to the European Union's GDPR? How can UK companies transfer data obtained by their Chinese subsidiaries out of the country? How does China determine liability when there is a data breach? This episode of the China Business Brief has you covered.

Let’s talk about the adversarial relationship between end users and vendors.Things could improve in both directions. In this episode, we interview Dan Holden, VP of Cyber Security at BigCommerce, about anger, angst, and ‘forgivability’ in the vendor/end user relationship. What we talked about: - It’s more about fit than about vendor or product - The advantages of building a vendor relationship with a startup - The CISO’s role in understanding the vendor landscape - 3 questions for the CISO to ask to set vendor priorities You’re invited to Protect 2021 on June 8-9. For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player. Listening on a desktop & can’t see the links? Just search for Protecting People in your favorite podcast player.

Dan Holden, VP of Cybersecurity at BigCommerce takes a threat centric angle when discussing information security. He emphasizes the importance of awareness around the extent of cybercrime capability. What we talked about: - Different ways to handle information security - Changes in the threat landscape - External aspects of cybercrime capability - Framework vs. Strategy Check out these resources we mentioned during the podcast: - Proofpoint Protect 2021 For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player. Listening on a desktop & can’t see the links? Just search for Protecting People n your favorite podcast player.

The new world has changed our concerns about how information is accessed and handled. Remote work has accelerated the insider threat, insider risk, and DLP concern. The need for information protection is at an all-new high. In this episode in our Inside Line on Information Protection series, host Brian Reed chatted with Tim Choi, Vice President Product Marketing at Proofpoint, about information protection and the upcoming Protect 2021 conference. What we talked about: - New information protection situations Tim has seen - Why Protect 2021 is focused on customers - Where to register for Protect 2021 Check out this resources we mentioned during the podcast: - You’re invited to attend Proofpoint Protect 2021 Find additional content and subscribe to Protecting People on Apple Podcasts, Spotify, or our website. Listening on a desktop & can’t see the links? Just search for Protecting People in your favorite podcast player.

The third episode in our monthly podcast on employment law issues.

If you’re asking which information protection platform to choose, that’s not deep enough. It’s intellectually lazy. Too often, we make technology decisions instead of programmatic decisions. In a recent episode in our Inside Line on Information Protection series, we chatted with cybersecurity executive Jeremy Wittkop about reimagining DLP as a method for protecting people first. We also talked about: Why technology solutions don’t help CSOs discuss data protection Multilingual services, behavioral analytics, and resource distribution IT budgets and security budgets are not the same Genuinely measuring and analyzing risk Resources we mentioned during the podcast: Activate Your Brain by Scott G. Halford How to Measure Anything in Cybersecurity Risk by Hubbard and Seiersen Find additional content and subscribe to Protecting People on Apple Podcasts, Spotify, or our website. Listening on a desktop & can’t see the links? Just search for Protecting People in your favorite podcast player.

In addition to focusing on malicious actors trying to gain access to your networks and your systems, are you just as focused on making sure that the people who already have access are doing what they’re supposed to be doing? Insider Threat detection is one of the most underutilized, but overlooked aspects of any cybersecurity organization. On this episode of The Inside Line on Information Protection, we talk with Larry Ponemon about: - Why every company regardless of size, should be running Insider Threat programs - The astronomical cost of Insider Threat investigations - Why good people making silly mistakes may be more damaging that bad actors doing bad things - The easiest way into a Fortune 50 company (it’s probably not what you think) Find additional content and subscribe to Protecting People on Apple Podcasts, Spotify, or our website. Listening on a desktop & can’t see the links? Just search for Protecting People in your favorite podcast player.

Introducing our new series: Inside Line on Information Protection. In this show, we’ll welcome expert guests with diverse backgrounds in information protection to discuss topics like insider threat, information governance, and cloud security. In this inaugural episode, host Brian Reed is joined by Catherine Hwang, Director of Product Marketing for Information Protection Products at Proofpoint. What we talked about: - The topics that will be covered in the series - Why legacy DLP solutions aren’t solving customer challenges - Wanting to solve more than one problem at a time with DLP budgets Find additional content and subscribe to Protecting People on Apple Podcasts, Spotify, or our website. Listening on a desktop & can’t see the links? Just search for Protecting People in your favorite podcast player.

https://www.youtube.com/embed/7ymbGczYXcM

In this episode of the #AzureLateShow podcast, I’m excited to welcome a very special guest Amrita Satapathy, and the legendary, and co-Host for the upcoming series of the podcast, Pablo Chacón, Security Community Lead to discuss about the Azure Security Benchmark.

How many times have you had to consider third party tools for your Microsoft 365 environment? What should you think about when choosing tools? We are joined by Michal Pisarek, CEO of Orchestry and 6 time MVP to talk about these things.First the news as we talk about Microsoft's latest sharing of meeting science, new DLP playbooks, big numbers for Teams usage in the UK and Kev's dream robot.WorkLabMicrosoft 365 Information Protection and Compliance Deployment Acceleration GuidesMicrosoft Teams DLP Playbook!!! - Microsoft Tech CommunityEnhancements to Microsoft Exact Data Match - Microsoft Tech CommunityManage guest access with access reviews - Azure AD | Microsoft DocsBig Teams numbers for NHSTeams internal sharing turned on by defaultYammer inclusive reactionsMeet Raspberry Silicon: Raspberry Pi Pico now on sale at $4 - Raspberry PiBest of CESMicrosoft Channels ‘Black Mirror': Turn Deceased People Into ChatbotsNV350 CARAVAN】 OFFICE POD CONCEPTDo you need a standalone device for Teams?Tech Community Awards - Commsverse OnlineEventsTues 26 JanCollab365 GlobalCon5 Turbo Tuesday - Kevin - How to make a desk locator with Microsoft SearchMCSCUG Meetup (Modern Workplace and Power Platform) | Meetup - Al - EntitlementsThurs Jan 28CollabDays Birmingham (Virtual) 2021 | Collabdays - Al - Workplace AnalyticsDemystifying the Microsoft 365 Platform: Unlock Power Productivity and Performance - MichalHow Much Community Management Is Too Much? CollabTalk Tweetjam Friday 5th FebGlobal Automation Bootcamp 2021 - Garry Wed 17th FebMicrosoft 365 UK (M365UK) User Group - KevinTech Days event TBC - Manage monitor and secure the Power Platform18th FebPnP Community Call Feb 18th - Run CLI for Microsoft 365 in Docker

https://www.youtube.com/embed/4oI0a2jOhoI

In this episode, we discuss China's new Personal Information Protection law which the initial draft was recently released in October 2020, and we also discuss aspects of China's Data Security Law. My guest is Zach Lichtblau a lawyer and partner with Bonnard Lawson law firm. Zach is based in Shanghai and is monitoring these developments closely. We discuss China's changing attitude towards personal data, future trends, and even the impact of the recent "trade wars". Previous cast with Zach where we discuss GDPR and China Cyber Security laws.https://www.bluoceansecurity.com/podcast/episode/4b71897b/gdpr-and-corporate-securityYou can contact Zach at zl@ilf-asia.com or at www.bonnard-lawson.comPlease send comments to podcast@bluoceansecurity.com

During Cybersecurity Awareness Month we received several questions on a host of topics and are happy to bring some follow up answers to our audience. This week we are discussing information protection and basic tips individuals can follow to secure their private information and data.

Enterprise today face data protection challenges to secure sensitive information across its life cycle and exploring solutions. Microsoft Azure Information Protection has been widely purchased by many customers, but struggling to find ways to get started and require assistance in adopting best practices. Let's explore it in this podcast. --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/future-of-cybersecurity/message

Colin Erasmus, Modern Workplace Business Group Lead at Microsoft

This episode was recorded using Microsoft Teams and produced with Camtasia 2020 FAQ 15 CIAOPS Patron Community Windows Information Protection @directorcia

For information that hasn't been classified, but is still in need of some level of protection we've long used the FOUO label (for official use only) to indicate that the information should be kept protected. The federal government has developed a new standard for information protection that all government agencies have to comply with, and part of that standard is replacing the FOUO classification with controlled unclassified information, or CUI for short. Welcome back for another episode of the AFLCMC leadership log podcast. Jeff Hetzler is the information security lead at AFLCMC's information protection office. For this episode We sat down with him (virtually) for a 101 discussion on the new standard, and what its phased in implementation will mean for all government agencies going forward. If you haven't already done so then please consider subscribing to this series and don't forget to follow and like us on our social media platforms. You can also see a video version of this and all of our episodes on our You Tube channel. For more information on all things Air Force Life Cycle Management Center related please visit and bookmark our website at www.aflcmc.af.mil. If you have an idea for a future episode on a topic that would interest the Life Cycle Management Center family shoot us an email at aflcmc.pa.mediateam@us.af.mil. Until next time---stay strong, stay safe, and keep providing what warfighters need when they need it. For more information on all things related to AFLCMC visit our website at: https://www.aflcmc.af.mil. Follow and like us on our social media channels for the latest information and news from programs across the center. LinkedIn: https://linkedin.com/company/aflcmcofficial Twitter: @AFLCMCofficial Facebook: https://www.facebook.com/AFLCMCofficial Instagram: @aflcmcofficial YouTube: https://www.youtube.com/channel/UCzpbkmBDlq05aBqPYvcze3A History Office Twitter: @airpowercradle

This episode was recorded using Microsoft Teams and produced with Camtasia 2020 FAQ 14 CIAOPS Patron Community Azure Information Protection @directorcia

Attendees Guest: Yoad Dvir Guest title: Security Lead, Central and Eastern Europe Company: Microsoft Abstract Microsoft security portfolio has been growing and diversifying in the last couple of years, adding more capabilities at various areas of information security. In order to better understand Microsoft strategy and offering, we talked with Yoad Dvir, Cyber Security Lead at Microsoft, about the Microsoft new security pillars: Monitoring, Threat Protection and Information Protection. Timing: 0:00 - Introducing our guest 5:45 - Introducing Microsoft security strategy 12:50 - Security monitoring pillars - Azure monitor, Sentinel, Azure analytics and more 21:10 - Microsoft Threat Protection family - Cloudapp, O365 ATP, Defender ATP, Azure ATP 30:50 - diving deeper into Cloudapp 35:30 - Microsoft Information Protection 44:00 - summary and last words

Anne Bailey and Matthias Reinwarth talk about the technologies that enable employees working remotely or from home access sensible corporate information from personal devices without compromises between productivity and security.

Anne Bailey and Matthias Reinwarth talk about the technologies that enable employees working remotely or from home access sensible corporate information from personal devices without compromises between productivity and security.

On this episode of The Contracting Experience we welcome back previous guest to the podcast, Joyce Pappas, who is an Industrial Security Program Manager at the Information Protection office, Air Force Materiel Command Headquarters. This episode will look at Industrial Security from a small business and Defense Contractor point of view. Check out Episode 6 to get refreshed on this important subject on the “Industrial Security Explained” episode. Enjoy! Defense Counterintelligence and Security Agency (DCSA): https://www.dcsa.mil/ Center for Development of Security Excellence (CDSE): https://www.cdse.edu/ Acronyms: DoD – Department of Defense NISP – National Industrial Security Program FSO – Facility Security Officer If you would like to share feedback on the podcast, please submit via thecontractingexperience@gmail.com.

In Episode 151, Ben sits down at Microsoft Ignite with Gagan Gulati, Head of Product for Azure Information Protection, and Adam Hall, Director, Microsoft Security to discuss the history of information protection at Microsoft and the material impacts of protecting your organization’s sensitive data in Office 365, including the transition from AIP to MIP (such […] The post Episode 151 – Microsoft Information Protection with Gagan Gulati and Adam Hall appeared first on Microsoft Cloud IT Pro Podcast.

På tide å bli mer teknisk og detaljert. Vi diskuterer mer rundt planlegging og muligheter med Microsoft sin "Information Protection", og generele tanker for IP.  

Stiffer regulatory oversight of information protection practices has spurred lenders to reevaluate the way they collect and use personally identifiable consumer data. In this episode of The Roadmap, Auto Finance Excellence talks with two distinguished executives to identify what it takes to keep up with changing data security compliance requirements. Hyundai Capital America's VP of Information Protection and Chief Information Security Officer Eddie Younker provides a guide for how lenders can build a strong foundation for information security practices. Also, McGlinchey Stafford's Chief Privacy Officer and Commercial and Consumer Litigation Attorney Richik Sarkar details how lenders can protect themselves and their organizations from risks and liability when handling consumer data. Featuring Eddie Younker, VP of Information Protection and Chief Information Security Officer at Hyundai Capital America, and Richik Sarkar, Chief Privacy Officer and Commercial and Consumer Litigation Attorney at McGlinchey Stafford

Microsoft Information Protection is a family of complementary solutions to help you to discover, classify, protect and monitor your sensitive information, wherever it lives. Whether its on-premises, on devices, or in the Cloud. Whether you are concerned about protecting the security and privacy of your company data due to regulatory requirements or need to protect specific intellectual property, watch as Gagan Gulati from the Information Protection engineering team at Microsoft demonstrates the latest updates for information protection in Microsoft 365: - Discover all your data to identify your most sensitive information and ensure the right automated classification and labeling with appropriate controls, - And take advantage of our risk containment capabilities, including post-breach threat investigation when important data is exposed on your end points

Zum Thema Data Leakage bot Microsoft verschiedene unabhängige Produkte: Den RMS-Nachfolger Azure Information Protection (AIP), Data Loss Prevention (DLP), Windows Information Protection (WIP) und das Intune-basierte WIP-Pendant für nicht-Windows-Geräte. Wir zeigen, wie Microsoft diese Splitter zu einem Gesamtbild zusammensetzt: Microsoft Information Protection (MIP). Mit Dr. Christoph Hannebauer und Wolfgang Bach

Microsoft’s approach to delivering a secure and trusted identity solution across platforms and services presented by Joy Chik, CVP of the identity engineering team at Microsoft and joined by Jeremy Chapman. This includes a closer look at your options for eliminating password usage with Azure AD and the latest in password-less solutions with the new authenticator app. As well as how Azure AD minimizes the risk of evolving identity-based attacks and what you can do to take advantage of modern capabilities with your apps and services. To learn more please visit: https://Microsoft.com/identity Session THR2312 - Filmed Wednesday, September 26, 11:20 EDT at Microsoft Ignite in Orlando, Florida. Subject Matter Expert: Joy Chik is Corporate Vice President for the Identity Division in Microsoft’s Cloud + Enterprise group. Her teams are responsible for Active Directory, Azure Active Directory, Microsoft Account (MSA), Microsoft Graph, Information Protection and Forefront Identity Management suites which are delivered to customers as cloud services or on-premises products. Since joining Microsoft in 1998 as a software engineer contributing to Terminal Services in Windows 2000, Joy has steadily risen in the company as an established leader of some of the industry’s most impactful engineering teams. Joy graduated summa cum laude with a Bachelor of Science degree in Computer Science from Rensselaer Polytechnic Institute. Joy is a member of the Board of Trustees for the Anita Borg Institute and is active in charities focused on encouraging women and girls to pursue careers in technology.

Intellectual property theft costs America up to $600 billion a year, robbing people and companies of their ideas and inventions. Join us on this episode of Modern Workplace podcast where we will take a deeper dive into the hard facts of nation sponsored intellectual theft, who's at risk, and what you can do to keep your intellectual property safe.

We are back to regular programming with our first guest, the formidable Swetha Sankaran. AL caught up with her at this years MVP Summit. What a great inspiration she is to all women who want to get into Information Technology. As always, we cover the news, and this week we talk about new Teams updates, Hub sites finally rolling out and a ton of AL's favourite stuff, Azure Information Protection. No Blooper at the end of the show though...

Anna Heim is a cyber and data information security consultant who has an extensive 25 years of experience of senior positions in   companies such as IBM and other blue-chip clients. She now dedicates her time, skills, effort in fulfilling her mission of helping the world become a safer place in terms of cyber security, and GDPR; among others. We started the episode by talking about what is cyber security all about – and how it is a complex and a body of interconnected technologies, processes, as well as practices that are designed to protect networks, computers, mobile and other digital devices, programs and data from attacks, damage, and other unauthorised access. Anna also shares with us the basic types of hackers, which are: Kiddie Scripters / Script Kiddie – usually are young, thrill seeking, profile- building people who has interest in programming. They normally hack websites, and would leave graffitis on the site’s page/s. Black Hats / Black Hackers – they are more nefarious, and would break in to system to steal your company’s or your customers’ data. They attack in order to steal identities, and for fraud. We also talked about three tips that we can do in our daily life in order to avoid identity theft. Make sure that you have installed antivirus, antimalware, and have a firewall on your computer. Keep your software and operating system updated. Do not use the same password across your social media and other online accounts. We also touched the topic of the deep web (dark web) and how it is being used by hackers for their gain. Lastly, Anna also shares with us what the General Data Protection Regulation is, what it does to businesses, what it does for the costumers, and how important it is. Golden Nugget Round Question 1 – What would you lecture at University today? Data and Information Protection with a caveat to Online Privacy. Question 2 – What would you tell your 25 Year Old Self? Learn to code! Question 3 – What was your biggest investment or financial decision? Investing in my personal development. Guest Details To contact Anna, feel free to e-mail her at anna@aresriskmanagement.com Links and Resources http://www.aresriskmanagement.com/ Quotes If you have been a victim of identity theft, it takes two years to have your identity restored, BUT it would never be fully restored. –Anna Heim Never use the same password twice! –Anna Heim

Is your staff handling your corporate data with care? Window Information Protection helps Microsoft know when employees are sending corporate data to non-corporate locations—and it helps people protect sensitive content and corporate assets. Learn how Windows Information Protection works to provide data security in our highly mobile and collaborative business culture, and prepare to deploy, configure, and manage it for data loss prevention in your environment.These questions — and more — are discussed during this session:[01:30] Windows Information Protection overview[07:02] Windows Information Protection policy design and deployment[14:42] Post-deployment support and auditing[23:29] Windows Information Protection at Microsoft[29:29] More informationAccess additional technical content, discover new and exciting career opportunities in IT, and much more:Microsoft IT ShowcaseMicrosoft IT CareersLinkedInGet the IT Showcase App

Is your staff handling your corporate data with care? Window Information Protection helps Microsoft know when employees are sending corporate data to non-corporate locations—and it helps people protect sensitive content and corporate assets. Learn how Windows Information Protection works to provide data security in our highly mobile and collaborative business culture, and prepare to deploy, configure, and manage it for data loss prevention in your environment.These questions — and more — are discussed during this session:[01:30] Windows Information Protection overview[07:02] Windows Information Protection policy design and deployment[14:42] Post-deployment support and auditing[23:29] Windows Information Protection at Microsoft[29:29] More informationAccess additional technical content, discover new and exciting career opportunities in IT, and much more:Microsoft IT ShowcaseMicrosoft IT CareersLinkedInGet the IT Showcase App

Is your staff handling your corporate data with care? Window Information Protection helps Microsoft know when employees are sending corporate data to non-corporate locations—and it helps people protect sensitive content and corporate assets. Learn how Windows Information Protection works to provide data security in our highly mobile and collaborative business culture, and prepare to deploy, configure, and manage it for data loss prevention in your environment.These questions — and more — are discussed during this session:[01:30] Windows Information Protection overview[07:02] Windows Information Protection policy design and deployment[14:42] Post-deployment support and auditing[23:29] Windows Information Protection at Microsoft[29:29] More informationAccess additional technical content, discover new and exciting career opportunities in IT, and much more:Microsoft IT ShowcaseMicrosoft IT CareersLinkedInGet the IT Showcase App

This week, on Down the Security Rabbithole, Rudra "Rudy" Mitra joins us from Redmond to talk about what it's like to defend Office 365 at scale. On this episode we cover: What we mean by at scale in regards to Office 365 Some pros and cons of the Office 365 platform as it pertains to security and safety Eary warning, early detection, and how easy it is to really break things There's so much more too! We even skipped talking about current events to give this show maximum run-time. Sit back, grab something to take notes with, and listen up. The lesson begins now.   Guest Rudra "Rudy" Mitra - ( @rudramitra ) Rudra is the Director of Information Protection for the Office 365 platform. He works on extremely large-scale projects to ensure the safety and security of client data and the platform itself. LinkedIn profile is here: https://www.linkedin.com/in/rudramitra/

Microsoft Azure Information Protection is a new solution that makes it simpler to classify and protect information, even as it travels outside of your organization. You'll see the new options that let you define how your users can classify their documents and emails during the normal course of their work. Find out how you can define the labels, protections, and visual markings appropriate for your organization. And finally, track where sensitive documents are traveling and how to stop them in their tracks.

Microsoft Azure Information Protection is a new solution that makes it simpler to classify and protect information, even as it travels outside of your organization. You'll see the new options that let you define how your users can classify their documents and emails during the normal course of their work. Find out how you can define the labels, protections, and visual markings appropriate for your organization. And finally, track where sensitive documents are traveling and how to stop them in their tracks.

Join Yung Chou and Kevin Remde as they discuss some of the security enhancements made for Windows 10 with regards to Identity and Access, Information Protection and Threat Resistance with Device Guard.____________________________________________________If you're interested in learning more about the products or solutions discussed in this episode, click on any of the below links for free, in-depth information:Websites & Blogs:Yung Chou's BlogKevin Remde's BlogRelated Resources:Deployment PlanningServicing Options Follow the conversation @MS_ITPro Become a Fan @ facebook.com/MicrosoftITPro Subscribe to our podcast via iTunes, Stitcher, or RSS

Join Yung Chou and Kevin Remde as they discuss some of the security enhancements made for Windows 10 with regards to Identity and Access, Information Protection and Threat Resistance with Device Guard.____________________________________________________If you're interested in learning more about the products or solutions discussed in this episode, click on any of the below links for free, in-depth information:Websites & Blogs:Yung Chou's BlogKevin Remde's BlogRelated Resources:Deployment PlanningServicing Options Follow the conversation @MS_ITPro Become a Fan @ facebook.com/MicrosoftITPro Subscribe to our podcast via iTunes, Stitcher, or RSS

Join Yung Chou and Kevin Remde as they discuss some of the security enhancements made for Windows 10 with regards to Identity and Access, Information Protection and Threat Resistance with Device Guard.____________________________________________________If you're interested in learning more about the products or solutions discussed in this episode, click on any of the below links for free, in-depth information:Websites & Blogs:Yung Chou's BlogKevin Remde's BlogRelated Resources:Deployment PlanningServicing Options Follow the conversation @MS_ITPro Become a Fan @ facebook.com/MicrosoftITPro Subscribe to our podcast via iTunes, Stitcher, or RSS

David Bray describes the Information Sharing Environment, exploring post-9/11 information sharing in the United States, and the efforts being made towards information sharing and national security. In the aftermath of the September 11 terrorist attacks, the United States began a historic transformation aimed at preventing future attacks and improving its ability to protect institutions at home and abroad. As a result, the US is now better informed of terrorist intentions and plans, and better prepared to detect, prevent, and respond to their actions. Enhanced information sharing has provided a greater capacity for coordinated and integrated action. The Information Sharing Environment (ISE, www.ise.gov) was established by the Intelligence Reform and Terrorism Prevention Act of 2004. The ISE provides analysts, operators and investigators with integrated and synthesized information on terrorism, weapons of mass destruction, and homeland security. This talk will describe what the ISE is and by doing so will explore post-9/11 information sharing in the United States, and the efforts being made towards information sharing and protection. David will also give a brief outline of on-going ISE development efforts. In essence, this talk highlights that when examining the full scope of information sharing and protection, there are many widespread and complex challenges that must be addressed and solved by multiple agencies together. Policies and solutions should be framed to address all types of protected information, classified and unclassified, as critical national and homeland security issues cut across security domains. Protection also includes privacy and civil liberties protections. Without privacy and civil liberties protections, sharing is not possible; and without sharing, protection loses its relevance.

Dr. Johnson is co-founder and Chairman of the Board of Directors of the California Sciences Institute, and also serves as a member of the Board of Directors of the SANS Technology Institute. Dr. Johnson is one of the founding partners of the Forensic Data Center a company focused on computer forensics He received his Bachelor's and Master's degrees from Michigan State University and his Doctorate from the University of California - Berkeley. Dr. Johnson founded the Center for Cybercrime and Forensic Computer Investigation, and the Forensic Computer Investigation Graduate program. Additionally, Dr. Johnson was responsible for developing the on-line program in Information Protection and Security and also founded the Graduate National Security program offered at two of our National Nuclear Security Administration Laboratories in California and New Mexico. Currently, Dr. Johnson serves as a member of the FBI Infraguard program; and also is a member of the Electronic Crime Task Force, New York Field Office, U.S. Secret Service. The United States Attorney General appointed Dr. Johnson a member of the Information Technology Working Group, and he served as Chair, Task Force Group on Combating High Technology Crime for the National Institute of Justice. Dean Johnson was also appointed an advisor to the Judicial Council of California on the Court Technology Task Force by the California Supreme Court. Dr. Johnson has published five books, 13 referred articles; holds copyright on 4 software programs and his chapter on "Infrastructure Warriors: A Threat to the U.S. Homeland by Organized Crime," was published by the Strategic Studies Institute of the U.S. Army War College. In addition to lecturing at the U.S. Army War College, Carlisle Barracks, he has also lectured at the Federal Law Enforcement Training Center, and numerous universities. Dr. Johnson has appeared in both State and U.S. Federal courts as an expert witness and was a member of the Select Ad Hoc Presidential Investigative Committee and consultant to the American Academy of Forensic Sciences in the case of Sirhan B. Sirhan regarding evaluation of ballistics and physical evidence concerning the assassination of United States Senator, Robert F. Kennedy.

Oct 24, Micki Krause - Chief Information Security Officer, Pacific Life Insurance Co. Micki Krause has held positions in the Information Security profession for the past 20 years. She is currently the Chief Information Security Officer at Pacific Life Insurance Company in Newport Beach, California, where she is accountable for directing the Information Protection and Security Program for the enterprise. Pacific Life is the 15th largest life insurance company in the nation and provides life and health insurance products, individual annuities, mutual funds, group employee benefits, and a variety of investment products and services. Krause was named one of the 25 most influential women in the field of information security by industry peers and Information Security magazine as part of their recognition of Women of Vision in the IT Security field and was awarded the Harold F. Tipton Award in recognition of sustained career excellence and outstanding contributions to the profession. Micki has held several leadership roles in industry-influential groups including the Information Systems Security Association (ISSA) and the International Information System Security Certification Consortium (ISC)2 and is a passionate advocate for professional security leadership. She is a reputed speaker, published author and co-editor of the Information Security Management Handbook series. www.pacificlife.com