Learn about the rise of cybersecurity committees and how the CISO and IT security team can work with them to produce the best result for the organization’s IT security and enable digital transformation.
Microsoft Defender is our toolset for prevention and mitigation of data exfiltration and ransomware attacks. Microsoft Purview data security offers important mitigations as well and should be used as part of a defense-in-depth strategy.
The proposed Securities and Exchange Commission rule creates new reporting obligations for United States publicly traded companies to disclose cybersecurity incidents, risk management, policies, and governance. This blog describes how the rule is an opportunity for the IT security team to provide value to the company.
Corporate Governance scoring is increasingly important to boards of directors, executive leadership, and the investment community. Governance frameworks now incorporate aspects of IT security. Communicating the security message in ways that impact a company’s governance score is important to getting attention and investment from corporate leadership. This post examines a leading governance framework from Institutional Shareholder Services, Governance QualityScore, and the specifics of how IT security can increase a company’s score.
Having the right technology and processes in place can make it possible to manage a large volume of SRRs efficiently and auditable. This post discusses SRR response use cases and how Microsoft Priva subject rights requests can be used for this purpose.
Smart meters and smart grid infrastructure have been deployed in many of the world’s electric distribution grids. They promise energy conservation, better grid management for utilities, electricity theft reduction, and a host of value-added services for consumers.
Critical infrastructure operators face a hostile cyber threat environment and a complex compliance landscape. Operators must manage industrial control systems as well as IT environments that are part of critical infrastructure or can form attack surfaces for control systems.
GDPR, HIPPA, GLBA, all 50 U.S. States, and many countries have privacy breach reporting requirements. If an organization experiences a breach of relevant regulatory information, they must report it within the required time frame. The size and scope of this reporting effort can be massive. Using Microsoft 365 Advanced Audit and Advanced eDiscovery to better understand the scope of the breach can minimize the burden on customers as well as the financial and reputational cost to the organization.
Zero Trust architecture starts with Identity and Access Management but it doesn’t end there. Microsoft Advanced Compliance solutions complement Azure Active Directory and Conditional Access with important protections around the data, applications and network pillars.
North American Electric Reliability Corporation—Critical Infrastructure Protection (NERC CIP) Compliance options in Azure public cloud and Azure Government.
