Fast-track generative AI security with Microsoft Purview
Read how Microsoft Purview can secure and govern generative AI quickly, with minimal user impact, deployment resources, and change management.
Steve Vandenberg
Working with a cybersecurity committee of the board
Learn about the rise of cybersecurity committees and how the CISO and IT security team can work with them to produce the best result for the organization’s IT security and enable digital transformation.
Microsoft Purview data security mitigations for BazaCall and other human-operated data exfiltration attacks
Microsoft Defender is our toolset for prevention and mitigation of data exfiltration and ransomware attacks. Microsoft Purview data security offers important mitigations as well and should be used as part of a defense-in-depth strategy.
SEC cyber risk management rule—a security and compliance opportunity
The proposed Securities and Exchange Commission rule creates new reporting obligations for United States publicly traded companies to disclose cybersecurity incidents, risk management, policies, and governance. This blog describes how the rule is an opportunity for the IT security team to provide value to the company.
IT security: An opportunity to raise corporate governance scores
Corporate Governance scoring is increasingly important to boards of directors, executive leadership, and the investment community. Governance frameworks now incorporate aspects of IT security. Communicating the security message in ways that impact a company’s governance score is important to getting attention and investment from corporate leadership. This post examines a leading governance framework from Institutional Shareholder Services, Governance QualityScore, and the specifics of how IT security can increase a company’s score.
Manage subject rights requests at scale with Microsoft Priva
Having the right technology and processes in place can make it possible to manage a large volume of SRRs efficiently and auditable. This post discusses SRR response use cases and how Microsoft Priva subject rights requests can be used for this purpose.
Privacy compliance for smart meter infrastructure with Microsoft Information Protection and Azure Purview
Smart meters and smart grid infrastructure have been deployed in many of the world’s electric distribution grids. They promise energy conservation, better grid management for utilities, electricity theft reduction, and a host of value-added services for consumers.
Meet critical infrastructure security compliance requirements with Microsoft 365
Critical infrastructure operators face a hostile cyber threat environment and a complex compliance landscape. Operators must manage industrial control systems as well as IT environments that are part of critical infrastructure or can form attack surfaces for control systems.
Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact
GDPR, HIPPA, GLBA, all 50 U.S. States, and many countries have privacy breach reporting requirements. If an organization experiences a breach of relevant regulatory information, they must report it within the required time frame. The size and scope of this reporting effort can be massive. Using Microsoft 365 Advanced Audit and Advanced eDiscovery to better understand the scope of the breach can minimize the burden on customers as well as the financial and reputational cost to the organization.
Microsoft Advanced Compliance Solutions in Zero Trust Architecture
Zero Trust architecture starts with Identity and Access Management but it doesn’t end there. Microsoft Advanced Compliance solutions complement Azure Active Directory and Conditional Access with important protections around the data, applications and network pillars.
NERC CIP Compliance in Azure vs. Azure Government cloud
North American Electric Reliability Corporation—Critical Infrastructure Protection (NERC CIP) Compliance options in Azure public cloud and Azure Government.
NERC CIP compliance in Azure
Microsoft has made substantial investments in enabling our Bulk Electric System (BES) customers to comply with NERC CIP in Azure.