Podcasts about insider risk management

Stay in control as GenAI adoption accelerates across your organization using Data Security Posture Management for AI in Microsoft Purview. With built-in visibility into how AI apps and agents interact with sensitive data—whether inside Microsoft 365 or across unmanaged consumer tools—you can detect risks early, take decisive action, and enforce the right protections without slowing innovation. Monitor usage trends, investigate prompts and responses, and respond to potential data oversharing or policy violations in real time. From compliance-ready audit logs to adaptive data protection, you'll have the insights and tools to keep data secure as AI becomes a part of everyday work. Shilpa Ranganathan, Microsoft Purview Principal Group PM, shares how to balance GenAI innovation with enterprise-grade data governance and security. ► QUICK LINKS: 00:00 - GenAI app security, governance, & compliance 01:30 - Take Action with DSPM for AI 02:08 - Activity logging 02:32 - Control beyond Microsoft services 03:09 - Use DSPM for AI to monitor data risk 05:06 - ChatGPT Enterprise 05:36 - Set AI Agent guardrails using DSPM for AI 06:44 - Data oversharing 08:30 - Audit logs 09:19 - Wrap up ► Link References Check out https://aka.ms/SecureGovernAI ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.  • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

Manage the rise of generative AI across your organization using the Copilot Control System in Microsoft 365. Control who can find, use, and create agents, define permissions, approve or block agent deployments, and configure billing models including pay-as-you-go or prepaid options. Get detailed visibility into how agents are used, which users and groups are driving consumption, and how much they're costing you. With Microsoft Purview integration, monitor for sensitive data exposure, track compliance risks, and audit agent activity to stay secure and aligned with your organization's data policies.  Jeremy Chapman, Director of Microsoft 365, shares how to configure, deploy, monitor, and secure AI agents at scale. ► QUICK LINKS: 00:00 - Copilot Control System 01:34 - Copilot Chat 02:21 - Manage agent use 03:23 - Agent deployment 04:09 - Visibility into how agents are used 05:10 - Copilot Dashboard 06:06 - DSPM for AI 06:47 - Microsoft Purview agent protections 07:32 - Wrap up ► Link References  Check out https://aka.ms/CopilotAgentControls ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Use Microsoft Purview and Microsoft 365 Copilot together to build a secure, enterprise-ready foundation for generative AI. Apply existing data protection and compliance controls, gain visibility into AI usage, and reduce risk from oversharing or insider threats. Classify, restrict, and monitor sensitive data used in Copilot interactions. Investigate risky behavior, enforce dynamic policies, and block inappropriate use—all from within your Microsoft 365 environment.  Erica Toelle, Microsoft Purview Senior Product Manager, shares how to implement these controls and proactively manage data risks in Copilot deployments.  ► QUICK LINKS: 00:00 - Microsoft Purview controls for Microsoft 365 Copilot 00:32 - Copilot security and privacy basics 01:47 - Built-in activity logging 02:24 - Discover and Prevent Data Loss with DSPM for AI 04:18 - Protect sensitive data in AI interactions 05:08 - Insider Risk Management 05:12 - Monitor and act on inappropriate AI use 07:14 - Wrap up ► Link References Check out https://aka.ms/M365CopilotwithPurview Watch our show on oversharing at https://aka.ms/OversharingMechanics ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

Protect your organization's data with Microsoft Purview. Gain complete visibility into potential data leaks, from AI applications to unmanaged cloud services, and take immediate action to prevent unwanted data sharing. Microsoft Purview unifies data security controls across Microsoft 365 apps, the Edge browser, Windows and macOS endpoints, and even network communications over HTTPS —all in one place. Take control of your data security with automated risk insights, real-time policy enforcement, and seamless management across apps and devices. Strengthen compliance, block unauthorized transfers, and streamline policy creation to stay ahead of evolving threats. Roberto Yglesias, Microsoft Purview Principal GPM, goes beyond Data Loss Prevention (DLP) and shows how to ensure your data stays protected no matter where it goes. ► QUICK LINKS: 00:00 - Data Loss Prevention in Microsoft Purview 01:33 - Assess DLP Policies with DSPM 03:10 - DLP across apps and endpoints 04:13 - Unmanaged cloud apps in Edge browser 04:39 - Block file transfers across endpoints 05:27 - Network capabilities 06:41 - Updates for policy creation 08:58 - New options 09:36 - Wrap up ► Link References Get started at https://aka.ms/PurviewDLPUpdates ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

Investigate data security, risk and leak cases faster by leveraging AI-driven insights with Microsoft Purview Data Security Investigations. This goes beyond the superficial metadata and activity-only signals found in incident management and SIEM tools, by analyzing the content itself within compromised files, emails, messages, and Microsoft Copilot interactions. Data Security Investigations allows you to pinpoint sensitive data and assess risks at a deeper level—quickly understanding the value of what's been exposed. Then by mapping connections between compromised data and activities, you can easily find the source of the security risk or exposure. And using real-time risk insights, you can also apply the right protections to minimize future vulnerabilities. Data Security Investigations is also integrated with Microsoft Defender incident management as part your broader SOC toolset. Nick Robinson, Microsoft Purview Principal Product Manager, joins Jeremy Chapman to share how to enhance your ability to safeguard critical information.  ► QUICK LINKS: 00:00 - Microsoft Purview Data Security Investigations 01:00 - Risks of data theft & data leaks 03:20 - Start an investigation 04:45 - Results of an investigation 06:15 - Vector-based search & semantic indexing 08:00 - Use AI for the investigation 09:21 - Map activities 10:44 - Connect SOC & Data Security teams 11:21 - Known leaked information 12:26 - Steps to get DSI up and running 13:15 - Wrap up  ► Link References Get started at https://aka.ms/DataSecurityInvestigations Stay up-to-date with our blog at https://aka.ms/DSIBlog ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

Join Manish Mehta as he sits down with security strategist and risk advisor, Munish Walther-Puri to explore the evolving landscape of insider risk. This episode dives deep into the complexities of hybrid work environments, the blurred boundaries between personal and professional devices, and the importance of balancing security with employee privacy. Tune in for actionable insights and cutting-edge strategies for managing risks in today's interconnected ecosystems.You'll learn:How hybrid work and "bring-your-own-device" practices are reshaping insider risk managementPractical frameworks to balance insider threat monitoring with employee privacy and ethical considerationsHow emerging technologies like AI are transforming insider risk detection and mitigation strategiesRelevant resources:MITRE Center for Threat-Informed DefenseINSA categorization of insider threatsCISA's guide to insider threat mitigation

Stay ahead of evolving risks and mitigate vulnerabilities with Microsoft Purview Data Security Posture Management (DSPM). Gain prioritized visibility into data security risks, track unprotected sensitive information, and receive actionable insights. With built-in classifiers, automated risk assessments, and AI-powered capabilities like Security Copilot, you can identify and mitigate threats, ensuring a compliant data security environment. Talhah Mir, Microsoft Purview's Principal Group Product Manager, shows how to transform your data security strategy with automated, intelligent risk management and maintain continuous protection across your organization.   ► QUICK LINKS: 00:00 - Build and maintain a strong data security posture 01:25 - Start in Microsoft Purview Portal 02:14 - Microsoft Purview solutions 03:39 - Analytic reports 04:39 - Take action 05:30 - AI app-focused view 06:13 - View trends 06:59 - Add Security Copilot capabilities 09:37 - Wrap up   ► Link References Get started at https://aka.ms/DSPM   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Microsoft announced last week new agents that can be created with Copilot studio to automate tasks using AI capabilities. Also in this episode you'll find a great new tool from CISA called Scubagear that will allow you to check the baseline security of your Microsoft 365 environment. Plenty more updates and information from the Microsoft Cloud, so listen along. @directorcia Join my shared channel CIAOPS merch store Become a CIAOPS Patron CIAOPS Blog CIAOPS Brief CIAOPSLabs Support CIAOPS AI Tour Demo: Copilot Studio and Pre-built Agents Scale your team with new autonomous agents Unlocking autonomous agent capabilities with Microsoft Copilot Studio Reimagine business process with Copilot and agents Unlock Autonomous Agent Capabilities with Copilot Studio Microsoft 365 Copilot drove up to 353% ROI for small and medium businesses—new study Favorite Microsoft 365 Copilot Prompts Enhancing Security with CISA's ScubaGear Baselines for M365 Phish, Click, Breach: Hunting for a Sophisticated Cyber Attack Microsoft Digital Defense Report 2024 New macOS vulnerability, “HM Surf”, could lead to unauthorized data access  Demystify potential data leaks with Insider Risk Management insights in Defender XDR Increase productivity with Copilot in OneNote for iPad and Mac for commercial customers Unleash your creativity with new pen tools in OneNote What's new in Microsoft Intune October 2024 Microsoft 365 Insider Handbook Prepare now for key end of support moments in 2025

Prioritize incidents based on data significance, detect insider risks, and adapt protections in real-time with Microsoft Defender XDR and Microsoft Purview. Customize thresholds and risk indicators to detect anomalous behavior and prevent potential breaches with Adaptive Protection. Receive real-time DLP alerts triggered by policy matches, ensuring immediate action to safeguard sensitive data. Gain comprehensive visibility into threats and enforce policies across all devices and applications. Sravan Kumar Mera, Principal Product Manager for Microsoft Purview shares how to stay ahead of evolving threats and maintain data integrity.   ► QUICK LINKS: 00:00 - Prioritize security incidents based on data importance 00:42 - High severity multistage incident 01:29 - DLP alerts 02:24 - Insider risk activity summary 03:30 - Set up data security foundation 04:47 - Adaptive Protection 05:50 - DLP policy & Conditional Access 06:33 - Wrap up   ► Link References Get started at https://purview.microsoft.com Watch our data security playlist at https://aka.ms/datasecuritymechanics   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics    

In this episode, Fred Burton interviews Tim Kirkham, Senior Director and Global Head of Investigations and Insider Risk Management at Dell Technologies. With a distinguished career transitioning from over 29 years in law enforcement, including two decades as a Special Agent in the FBI, to spearheading Dell's global security strategy, Tim's expertise offers invaluable wisdom. Through his leadership, Dell navigates over 6000 investigations annually, safeguarding against fraud, insider threats, and more, securing its competitive edge.Tim's remarkable shift from a seasoned FBI Special Agent to a pioneer of Dell's security strategy demonstrates the power of leveraging extensive law enforcement experience within the corporate sector. Whether you're a business leader or an aspiring investigator, this episode is a must-listen, offering a roadmap to innovative, comprehensive risk management strategies in the digital age.Tune in to his conversation with Fred Burton to hear: Optimal leadership practices in corporate investigations and strategies for integrating these approaches into your security program.The evolution of insider threat investigations and his forward-looking perspective on the emerging threats and opportunities in the insider risk landscape for 2024 and beyond.The pivotal role of effective communication and the strategic importance of starting small in the development of insider threat programs.For more information on combatting insider threats, take a look at Ontic Resources.

Join me as I talk with internationally recognized resilience trainer & consultant Daman Sood, as we talk about how Insider Risk Management and how to safeguard our organizations from insider threats. It's a topic we've not touched on before. During our discussion, Daman talks about: 1. Defining Insider Risk Management, 2. Who is an insider? 3. Access Management & Permissions, 4. Corporate espionage, 5. External manipulation, 6. Various ways an insider can do harm, 7. Political threats, 8. A real-life case of Insider Risk Management playing out in India (and a personal story that will surprise you), 9. Social Media (a Boom and a Bain), 10. Leadership and governance involvement (and loosing faith in leaders), 11. How to assess insider risk, 12. Role-based Risk Assessment (RBRA), 13. Background check, 14. HR and other groups' involvement...and more. Daman delves into a topic not many have discussed prior, and his insights will really shine a light on this topic. Enjoy!

A unified solution for comprehensive data protection with Microsoft Fabric and Microsoft Purview. Extend the security measures of Microsoft 365 to your schematized data, ensuring consistent protection across your entire data estate. From detecting insider risks to mitigating data loss and unauthorized sharing, leverage advanced visibility and control to safeguard sensitive information effectively. Daniel Hidalgo, Microsoft Purview Product Manager, shares how to simplify your security strategy and gain deeper insights into data risks.   ► QUICK LINKS: 00:00 - Unified solution to prevent data loss and detect data risk 01:36 - Microsoft Fabric experience 02:53 - Confidential labels are automatically inherited 03:16 - Detect sensitive information with DLP policies 04:03 - Create and publish a label 04:59 - Define protections 05:50 - Data Loss Prevention experience in Microsoft Purview 06:57 - Insider Risk Management with Microsoft Fabric 07:39 - Visibility of sensitive data with Microsoft Purview 08:19 - Wrap Up   ► Link References: Check out https://aka.ms/PurviewforFabric Watch our shows on Insider Risk Management, check out https://aka.ms/IRMMechanics    ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Protect your organization from insider threats with Microsoft Entra's Conditional Access and Adaptive Protection in Microsoft Purview. Automatically block access to critical assets when insider risk levels elevate, ensuring data security and compliance seamlessly. Set up custom policies based on risk levels and enforce strong authentication measures, safeguarding against data breaches. Gain control and visibility over insider activities without manual intervention, empowering proactive security measures. Erin Miyake, Microsoft Purview's Principal Product Manager shares how to enhance your data protection strategy.   ► QUICK LINKS: 00:00 - Insider Risk in Conditional Access 00:41 - Extend Conditional Access 01:20 - Privacy-first approach 01:56 - Configure policy indicators 03:21 - Adapt protections based on changing risk 04:13 - Set custom policies 05:27 - Set a Conditional Access policy for moderate risk users 06:12 - Insider risk level changing over time 07:04 - Wrap Up   ► Link References: For more about the policies you can set up go to https://aka.ms/IRM Mechanics Get started today at https://aka.ms/adaptiveprotection  Watch our series on Insider Risk Management at https://aka.ms/IRMMechanics   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

This week we discussed Purview Insider Risk Management. Insider Risk Management is a compliance solution that enables organisations to discover, track and manage insider risk. Insider risks can be introduced to an organisation in a multitude of ways, understanding and correlating these activities is complex and needs to be automated, this is where Insider Risk Management shines. Sam takes the lead with providing insights such as: What are insider risks and why organisations manage these risks What is insider risk management Which systems can monitored How insider risk management allows organisations to take actions on identified risks What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Detect and prevent data security incidents with Microsoft Purview. Combine data classification with proactive and adaptive data loss prevention policies aligned to the assessed insider risk level for a multi-layered approach. Trusted insiders working for your organization contribute to 25% of data breaches. Many of these breaches remain undetected or are discovered long after the damage is done. We deconstruct what occurred at a prominent company with an account inspired by a true story of corporate espionage and how Microsoft Purview is designed to detect and prevent this type of data security incident. ► QUICK LINKS: 00:00 - Detect and prevent data security incidents 00:29 - Watch a real crime case 02:06 - Data security strategies 02:55 - Secure data with policies 04:10 - Insider Risk Management 04:40 - Wrap up ► Link References: Check out our comprehensive series at https://aka.ms/DataSecurityMechanics ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

In the wake of the COVID pandemic, the workforce decentralized and shifted toward remote and hybrid environments. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Dan Costa, technical manager of enterprise threat and vulnerability management, and Randy Trzeciak, deputy director of Cyber Risk and Resilience, both with the SEI's CERT Division, discuss how remote work in the post-pandemic world is changing expectations about employee behavior monitoring and insider risk detection.

Detect data loss, exfiltration, and data theft with intelligent automation solutions in Microsoft Purview. Data lives across apps, databases, and in file sharing locations inside and outside your infrastructure. It can be stored on devices and removable media, and it travels with each interaction. Secure data with a scalable and automated approach— discover and understand the growing volume of sensitive data, apply protections that follow data wherever it lives or travels, take preventative action when there's a risk of data loss, and elevate or lower data protections based on individual users to balance productivity with data security. Information Protection, Data Loss Prevention, and Insider Risk Management provide a unified platform in Microsoft Purview for intelligent, automated data protection. ► QUICK LINKS: 00:00 - Introduction 00:45 - Intelligent data security 01:29 - Information Protection 01:53 - Data Loss Prevention 02:22 - Insider Risk Management 03:00 - Example of information protection 03:55 - Wrap up ► Link References: Watch our series on Microsoft Purview at https://aka.ms/DataSecurityMechanics ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

Adjust the strength of your data protection automatically based on the calculated data security risk levels of users. Stringent controls are applied to high risk users, while low risk users continue to work productively with the right controls in place—all done automatically. Alleviate your security team's burden from manually fine tuning policies. Elevate your existing Data Loss Prevention controls for content. Talhah Mir, Principal PM for Insider Risk Solutions, shares how to use Adaptive Protection to address the most critical risks, while saving time. Balance data security and productivity with the Adaptive Protection capability in Microsoft Purview. ► QUICK LINKS: 00:00 - Introduction 00:45 - How Adaptive Protection works 01:57 - Cumulative Exfiltration Anomaly Detection Model 02:58 - Data Security Risk Level 04:17 - Admin views 05:09 - Enable Adaptive Protection 05:55 - Customization 06:59 - DLP Policies 07:56 - Wrap up ► Link References: Try it out at https://aka.ms/PurviewTrial More on Adaptive Protection at https://aka.ms/adaptiveprotection ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/website ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

Cyberspectives is a Cybercrime Magazine podcast series brought to you by Microsoft. In this episode, Ann Johnson, Corporate VP of Security, Compliance & Identity at Microsoft, joins host Hillarie McClure to discuss insider risk management, holistic strategies, and more. To learn more about our sponsor, visit https://microsoft.com/security

Google Translate app is actually Windows crypto-mining malware White House to give aviation executives classified cyberthreat briefing Book distributor Baker & Taylor hit by ransomware Thanks to our episode sponsor, Code42 Cybersecurity teams are facing unprecedented challenges when it comes to protecting sensitive corporate data from exposure, leak and theft. In fact, the Code42 Annual Data Exposure Report revealed there's a 1 in 3 chance that your company will lose IP when an employee quits. To learn more about stopping data leaks with Insider Risk Management visit Code42.com/showme. For the stories behind the headlines, head to CISOseries.com.  

Microsoft warns Iranians using Log4Shell Montenegro hit with Russian cyberattacks AlphaBay Turns 1 Thanks to this week's episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk. Code42 believes that the Three Es should define any IRM program: expertise, education, and enforcement. Shift your security culture from “watchdog” to “guide dog” and everyone wins. Learn more at Code42.com/showme.

Ex-security chief accuses Twitter of cybersecurity negligence Ukraine and Poland join forces to counter Russian cyberattacks Hackers use Binance exec deepfake in crypto exchange scam Thanks to today's episode sponsor, Code42 Cybersecurity teams are facing unprecedented challenges when it comes to protecting sensitive corporate data from exposure, leak and theft. In fact, the Code42 Annual Data Exposure Report revealed there's a 1 in 3 chance that your company will lose IP when an employee quits. To learn more about stopping data leaks with Insider Risk Management visit Code42.com/showme. For the stories behind the headlines, head over to CISOseries.com

State-backed attacks excluded from cyber insurance LockBit hit with DDoS Cozy Bear using Microsoft accounts to bypass MFA Thanks to today's episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk. Code42 believes that the Three Es should define any IRM program: expertise, education, and enforcement. Shift your security culture from “watchdog” to “guide dog” and everyone wins. Learn more at Code42.com/showme.

With remote work and a changing data landscape, risk of data theft has reached new heights - Insider Risk Management helps protect against those risks. Watch the step-by-step tutorial for implementing an Insider Risk Management solution for your organization as part of Microsoft Purview. It's surprisingly simple to build a baseline for managing activity inside your organization - from getting everything running, to setting policy on the types of violations that should raise system alerts, to assigning permissions for those who should have oversight and a level of incident detail they can see. While more advanced settings like intelligent detections define un-allowed and allowed domains and risk score boosters detect unusual activities or previous policy violations. Talhah Mir, from the Microsoft Purview team, joins Jeremy Chapman to show you how to set up Insider Risk Management with Microsoft Purview. ► QUICK LINKS: 00:00 Introduction 00:52 The best way to get started 01:13 Customize core experiences and insights 02:31 How to implement Purview for the first time 03:55 Set permissions 04:47 Customization 07:19 Create policies 07:55 Specify content priority 09:23 Define how a policy gets triggered 11:48 Two categories of detection 12:57 How to sign up for CS management in Microsoft Purview ► Link References: Set up a trial of Microsoft Purview: https://aka.ms/purviewtrial Receive guidance for connecting HR systems: http://aka.ms/HRConnector ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries?sub_confirmation=1 • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/website • To get the newest tech for IT in your inbox, subscribe to our newsletter: https://www.getrevue.co/profile/msftmechanics ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/microsoftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

This week, in the Enterprise News: Vanta raises a $110M Series B to automate SOC 2, ISO, PCI and other compliance efforts Immuta raises a $100M Series E for secure data access (an everything-old-is-new-again market that's exploding) Perimeter 81 raises $100M Series C and becomes a unicorn - You get a VPN! I get a VPN! Everyone gets a VPN! Over a dozen other vendors raise funding! IBM acquires EASM vendor, Randori Another Azure vulnerability allowing tenancy escapes Microsoft's Purview goes beyond DLP and gets into the pre-crime business Half a dozen cybersecurity vendor layoff announcements! We discuss the controversy around Rob Lee's involvement with developing federal standards for critical infrastructure protection and we say farewell (and good riddance) to Internet Explorer… but not really Then, after the news, we're going to air some segments recorded at the RSA conference last week.   We will cover high level winning strategies in cybersecurity marketing. The do's and don'ts for our specific industry and key factors of success in a go to market strategy. Segment Resources: https://cybersecuritymarketingsociety.com/podcast/ https://insight.cybersecuritymarketingsociety.com/survey2021?_gl=1*1wcqhp6*_ga*MTg4ODExOTY2Ny4xNjU0MTc1NDM3*_ga_GS9X0J5FZC*MTY1NDE3NTQzNi4xLjEuMTY1NDE3NTU3MC4w&_ga=2.81844830.933834121.1654175437-1888119667.1654175437   Two important shifts over the last two years transformed what we once knew as an on-premise ecosystem into a global system accessible from anywhere. One is remote work, which began as a temporary measure to get us through the early days of the pandemic and has since become the norm. The other is cloud adoption, which was mainstream even before the pandemic, but has seen another bump in the last two years. As a result, the internet has become the new corporate network. Where do we go from here? This segment is sponsored by Perimeter 81. Visit https://securityweekly.com/perimeter81 to learn more about them!   Phishing attacks are increasingly focused on new vectors such as social media, business collaboration apps, and text messages. These vectors generally lack any protection for the end user. How can we protect against these attacks that are increasingly leading to costly breaches? This segment is sponsored by Pixm. Visit https://securityweekly.com/pixm to learn more about them!   Employee turnover is the biggest threat to any organization's IP. Nearly 60% of employees move to a new company within similar fields (think: competitors) and are using collaboration technology to take sensitive data at an alarming rate. Code42's Joe Payne will discuss how Insider Risk Management addresses data loss in a volatile job market while still enabling collaboration. This segment is sponsored by Code42. Visit https://securityweekly.com/code42 to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/esw277

This week, in the Enterprise News: Vanta raises a $110M Series B to automate SOC 2, ISO, PCI and other compliance efforts Immuta raises a $100M Series E for secure data access (an everything-old-is-new-again market that's exploding) Perimeter 81 raises $100M Series C and becomes a unicorn - You get a VPN! I get a VPN! Everyone gets a VPN! Over a dozen other vendors raise funding! IBM acquires EASM vendor, Randori Another Azure vulnerability allowing tenancy escapes Microsoft's Purview goes beyond DLP and gets into the pre-crime business Half a dozen cybersecurity vendor layoff announcements! We discuss the controversy around Rob Lee's involvement with developing federal standards for critical infrastructure protection and we say farewell (and good riddance) to Internet Explorer… but not really Then, after the news, we're going to air some segments recorded at the RSA conference last week.   We will cover high level winning strategies in cybersecurity marketing. The do's and don'ts for our specific industry and key factors of success in a go to market strategy. Segment Resources: https://cybersecuritymarketingsociety.com/podcast/ https://insight.cybersecuritymarketingsociety.com/survey2021?_gl=1*1wcqhp6*_ga*MTg4ODExOTY2Ny4xNjU0MTc1NDM3*_ga_GS9X0J5FZC*MTY1NDE3NTQzNi4xLjEuMTY1NDE3NTU3MC4w&_ga=2.81844830.933834121.1654175437-1888119667.1654175437   Two important shifts over the last two years transformed what we once knew as an on-premise ecosystem into a global system accessible from anywhere. One is remote work, which began as a temporary measure to get us through the early days of the pandemic and has since become the norm. The other is cloud adoption, which was mainstream even before the pandemic, but has seen another bump in the last two years. As a result, the internet has become the new corporate network. Where do we go from here? This segment is sponsored by Perimeter 81. Visit https://securityweekly.com/perimeter81 to learn more about them!   Phishing attacks are increasingly focused on new vectors such as social media, business collaboration apps, and text messages. These vectors generally lack any protection for the end user. How can we protect against these attacks that are increasingly leading to costly breaches? This segment is sponsored by Pixm. Visit https://securityweekly.com/pixm to learn more about them!   Employee turnover is the biggest threat to any organization's IP. Nearly 60% of employees move to a new company within similar fields (think: competitors) and are using collaboration technology to take sensitive data at an alarming rate. Code42's Joe Payne will discuss how Insider Risk Management addresses data loss in a volatile job market while still enabling collaboration. This segment is sponsored by Code42. Visit https://securityweekly.com/code42 to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/esw277

Phishing attacks are increasingly focused on new vectors such as social media, business collaboration apps, and text messages. These vectors generally lack any protection for the end user. How can we protect against these attacks that are increasingly leading to costly breaches? This segment is sponsored by Pixm. Visit https://securityweekly.com/pixm to learn more about them!   Employee turnover is the biggest threat to any organization's IP. Nearly 60% of employees move to a new company within similar fields (think: competitors) and are using collaboration technology to take sensitive data at an alarming rate. Code42's Joe Payne will discuss how Insider Risk Management addresses data loss in a volatile job market while still enabling collaboration. This segment is sponsored by Code42. Visit https://securityweekly.com/code42 to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw277

Phishing attacks are increasingly focused on new vectors such as social media, business collaboration apps, and text messages. These vectors generally lack any protection for the end user. How can we protect against these attacks that are increasingly leading to costly breaches? This segment is sponsored by Pixm. Visit https://securityweekly.com/pixm to learn more about them!   Employee turnover is the biggest threat to any organization's IP. Nearly 60% of employees move to a new company within similar fields (think: competitors) and are using collaboration technology to take sensitive data at an alarming rate. Code42's Joe Payne will discuss how Insider Risk Management addresses data loss in a volatile job market while still enabling collaboration. This segment is sponsored by Code42. Visit https://securityweekly.com/code42 to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw277

All links and images for this episode can be found on CISO Series How dangerous is it for a cybersecurity professional to pull a G-d complex with the email server just because they didn't like the way one salesperson behaved? This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is Jadee Hanson (@jadeehanson), CIO/CISO, Code42. Thanks to our podcast sponsor, Code42. As the Insider Risk Management leader, Code42 helps security professionals protect corporate data and reduce insider risk while fostering an open and collaborative culture for employees. For security practitioners, it means speed to detection and response. For companies, it means a collaborative workforce that is productive and a business that is secure. Visit http://Code42.com/showme to learn more. In this episode: Is it alright to block a vendor because one salesperson is persistent and annoying? How can one go about creating a cybersecurity report card? Is it just inevitable that your staff is going to eventually violate policies? How to determine a delicate balance between a complete non-tolerance policy versus complete tolerance?

In this episode of Inside Jobs, Abhik Mitra, Head of Portfolio Strategy at Code42, joins host Hillarie McClure to discuss the decades-old gap between the Governance, Risk and Compliance (GRC) committee and security, how we can bridge this gap, where Insider Risk Management can step in and help, and more. Code42 is defining data security standards for the hybrid workforce. As the needs of workforces have evolved, so has Code42's data security and insider risk management solutions. To learn more about our sponsor, visit https://code42.com/

All links and images for this episode can be found on CISO Series Are bad security policies of yesteryear just because we didn't know any better at the time, or were they some bozos idea of legitimate security yet the rest of us knew it was just security theater? This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Dr. Diane M Janosek (@dm_janosek), deputy director of compliance, NSA and senior legal advisor for Women in Cybersecurity. Thanks to our podcast sponsor, Code42 As the Insider Risk Management leader, Code42 helps security professionals protect corporate data and reduce insider risk while fostering an open and collaborative culture for employees. For security practitioners, it means speed to detection and response. For companies, it means a collaborative workforce that is productive and a business that is secure. Visit http://Code42.com/showme to learn more. In this episode: We highlight obsolete security policies to steer clear of. We examine security in space and how can others who are not directly involved in these industries create some type of positive impact? And we ask how we can improve inclusion by decrypting the lack of diversity in our industry.

All links and images for this episode can be found on CISO Series A young woman is killing it in her first cybersecurity job out of college. Management is so thrilled with her that they want to give her a promotion. Problem is the promotion reveals a lot of other innerworkings that don't speak well of the company's culture. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Davi Ottenheimer (@daviottenheimer), vp trust and digital ethics, Inrupt. Thanks to our podcast sponsor, Code42 As the Insider Risk Management leader, Code42 helps security professionals protect corporate data and reduce insider risk while fostering an open and collaborative culture for employees. For security practitioners, it means speed to detection and response. For companies, it means a collaborative workforce that is productive and a business that is secure. Visit http://Code42.com/showme to learn more. In this episode: A student has some serious privacy concerns when they learn that "all data is being monitored and anonymously collected." We examine how we can break from the Internet Oligarchs who appear to be consuming, selling, and using so much of our data. How GDPR can benefit organizations to stay ahead of the competition. A young recruit facing imposter syndrome after receiving a promotion with added responsibilities.

Data breach disclosures surge 14% in Q1 2022 Windows 11 tool to add Google Play secretly installed malware DHS investigators say they foiled cyberattack on undersea internet cable in Hawaii Thanks to our episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk.    Code42 believes that the Three Ts should define any IRM program: transparency, training, and technology. Shift your security culture from “watchdog” to “guide dog” and everyone wins. Learn more at Code42.com/showme. For the stories behind the headlines, head to CISOseries.com.

NSO Group spyware reportedly used against European Commission The malware is coming from inside the phone OpenSSH gets ready for quantum computing Thanks to our episode sponsor, Code42 Cybersecurity teams are facing unprecedented challenges when it comes to protecting sensitive corporate data from exposure, leak and theft.   In fact, the Code42 Annual Data Exposure Report revealed there's a 1 in 3 chance that your company will lose IP when an employee quits. To learn more about stopping data leaks with Insider Risk Management visit Code42.com/showme.

New Meta information stealer distributed in malspam campaign NB65 group targets Russia with a modified version of Conti's ransomware Elon Musk unveils vision for Twitter after joining board Thanks to our episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk.    Code42 believes that the Three Ts should define any IRM program: transparency, training, and technology. Shift your security culture from “watchdog” to “guide dog” and everyone wins. Learn more at Code42.com/showme. For the stories behind the headlines, head to CISOseries.com.

Germany takes down world's largest darknet market Anonymous leaks personal details of Russian soldiers CISA adds Spring4Shell to list of exploited vulnerabilities Thanks to our episode sponsor, Code42 Cybersecurity teams are facing unprecedented challenges when it comes to protecting sensitive corporate data from exposure, leak and theft.   In fact, the Code42 Annual Data Exposure Report revealed there's a 1 in 3 chance that your company will lose IP when an employee quits. To learn more about stopping data leaks with Insider Risk Management visit Code42.com/showme. For the stories behind the headlines, visit CISOseries.com

Russian secret police exposed in data leak MailChimp hit with breach The Bureau of Cyberspace and Digital Policy goes live Thanks to our episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk.    Code42 believes that the Three Ts should define any IRM program: transparency, training, and technology. Shift your security culture from “watchdog” to “guide dog” and everyone wins. Learn more at Code42.com/showme.

In this CyberWire-X episode, host Dave Bittner chats with the judges of the Insider Risk Excellence Awards. The inaugural awards program, announced during last September's Insider Risk Summit, recognizes the best of the best in Insider Risk Management. They honor the work of individuals and organizations as they address Insider Risk in the most collaborative work environment we've ever seen. Judges Joe Payne, President and CEO, Code42 and Chairman, Insider Risk Summit and Wendy Overton, Director of Cyber Strategy and Insider Risk Leader, Optiv, talk about the growing Insider Risk problem, reveal the winners of each award category and pull back the curtain on how each of these Insider Risk trailblazers are making an impact. 

En este episodio comentamos las novedades principales de Microsoft Seguridad en Sentinel y la suite de Defender. Tratamos casos de uso interesantes donde en el entorno de la integracion de IT e IoT, y otros casos de uso donde clientes buscan detectar casos donde usuarios realizan comportamientos abusivos contra otros

Microsoft's new Insider Risk Management features are a great addition to the security protections for businesses. However, this episode talks about the extent of monitoring you can do at the individual level and what this could do to the company/employee relationship. Source - https://docs.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management-configure?view=o365-worldwide Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

Misuse of authorized access to an organization's critical assets is a significant concern for organizations of all sizes, missions, and industries. We at the CERT National Insider Threat Center have been collecting and analyzing data on incidents involving malicious and unintentional insider since 2001, and have worked with numerous organizations across government, industry, and academia to develop and validate controls and best practices to address these concerns. In this webcast, as a part of National Insider Threat Awareness Month, our experts provide an overview of the ongoing research in this area, and answer questions about how the threat landscape continues to evolve, and what organizations can and should do to address insider threats. What Attendees Will Learn: • The complexities of insider risk management and strategies for effectively balancing insider risk management program operations across the dimensions of people, organization, and management. • The latest findings from the CERT National Insider Threat Center's research into the different types of insider incidents – motivations, vulnerabilities, and common attack paths • The changing landscape of insider threat and a look into the future • The newest best practices and other resource that are available through the CERT National Insider Threat Center

In this episode of Inside Jobs, Joe Payne, President and CEO at Code42, joins host Hillarie McClure to discuss the three t's of an insider risk management program - transparency, training & technology. Code42 is defining data security standards for the hybrid workforce. As the needs of workforces have evolved, so has Code42's data security and insider risk management solutions. To learn more about our sponsor, visit https://code42.com/

In this episode, we chat all about Insider Risk Management with Mark Gabel, Senior Cybersecurity Cloud Solution Architect at Microsoft.