Episodes

  • Understanding Cloud Native Applications Protection Platform (CNAPP)

    Understanding Cloud Native Applications Protection Platform (CNAPP)
    Apr 24 2024
    Giulio Astori, Principal PM at Microsoft, joins Erica Toelle and guest host Yuri Diogenes on this week's episode of Uncovering Hidden Risks. Giulio Astori works as a Principal Program Manager for Microsoft Defender for Cloud and Yuri has been at Microsoft for the past 18 years and manages a Product Management team for the Defender for Cloud Product. In this discussion, Giulio delves into the world of Cloud Native Application Protection Platforms (CNAPPs), explaining their significance and utility in enhancing cloud security and protecting workloads. He explores the distinction between CNAPPs and Cloud Security Posture Management, shedding light on their roles in bolstering organizational security. In This Episode You Will Learn: What a Cloud Native Application Protection Platform is and why it's useful The difference between CNAPP and Cloud Security Posture Management How organizations can start to plan for CNAPP adoption Some Questions We Ask: Why is a CNAPP crucial for improving Cloud security and workload protection? Do you have any tips for how organizations can increase their maturity level? What distinguishes CNAPP from Cloud Security Posture Management in bolstering security? Resources: View Giulio Astori on LinkedIn View Yuri Diogenes on LinkedIn View Erica Toelle on LinkedIn From planning to deploying to operationalizing, the complete guide to implementing a CNAPP strategy is here - aka.ms/mscnapp Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Microsoft Threat Intelligence Podcast Discover and follow other Microsoft podcasts at microsoft.com/podcasts Uncovering Hidden Risks is produced by Microsoft and distributed as part of N2K media network.
    Show more Show less
    42 mins
  • Securing the Digital Frontier: Global Regulatory Readiness with Microsoft

    Securing the Digital Frontier: Global Regulatory Readiness with Microsoft
    Mar 20 2024
    Beau Faull, Technology Specialist at Microsoft and Asia Security Strategy Leader, Dmitry Butko, join guest host Manny Sahota on this week's episode of Uncovering Hidden Risks. Today's episode sets the stage for a detailed exploration of regulatory challenges, cybersecurity trends, and Microsoft's approach to ensuring regulatory readiness in the digital landscape. Beau discusses Australian and global regulations, emphasizing the need to meet industry standards like GDPR and the Essential 8, while Dmitry expresses excitement about the increasing focus on regulatory compliance. The discussion highlights the complexities of balancing technology solutions with regulatory compliance, the importance of responsible data management practices, and the evolving culture of cybersecurity within organizations. In This Episode You Will Learn: The vital role of general counsel in tech solutions and compliance decisions Misconception surrounding AI's role in surfacing security issues within organizations The importance of aligning technology solutions with regulatory requirements Some Questions We Ask: How Microsoft integrates security in product development? What are some global cybersecurity trends, particularly in regions like Australia? How does Microsoft Copilot ensure global regulatory compliance? Resources: View Beau Faull on LinkedIn View Dmitry Butko on LinkedIn View Manny Sahota on LinkedIn View Erica Toelle on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Microsoft Threat Intelligence Podcast Discover and follow other Microsoft podcasts at microsoft.com/podcasts Uncovering Hidden Risks is produced by Microsoft and distributed as part of N2K media network.
    Show more Show less
    34 mins
  • Secure Access in the Era of AI

    Secure Access in the Era of AI
    Feb 21 2024
    Jef Kazimer, Microsoft's Principal Product Manager, and Bailey Bercik, Senior Product Manager, join Erica Toelle and guest host Lisa Huang-North on this week's episode of Uncovering Hidden Risks. Today's episode will focus on security in the era of cloud and AI, with insights from Microsoft Security's product team. It will encompass AI-driven security measures, data protection, identity management, and compliance in the cloud while providing valuable insights for professionals navigating the evolving landscape of cloud security and AI's influence on it. Together, they discuss the importance of basic security hygiene, the implications of sophisticated AI-based attacks, and the necessity of adopting a defense-in-depth strategy to protect against emerging threats.    In This Episode You Will Learn:       The use of generative AI in attack vectors like phishing and social engineering  Principles of zero trust and how they apply to AI systems  Challenges and opportunities for securing identity and access in 2024   Some Questions We Ask:       How can organizations leverage Microsoft’s Zero Trust framework to protect their data?  What are the best practices when implementing passwordless authentication?  Are the principles of Zero Trust still relevant to this new wave of threats?     Resources:     View Lisa Huang-North on LinkedIn   View Jef Kazimer on LinkedIn   View Bailey Bercik on LinkedIn   View Erica Toelle on LinkedIn      MITRE ATLAS: MITRE | ATLAS™ Book: Not with a Bug but with a Sticker Blog Post: Demystifing LLMs and Threats. Based off of my presentation for CSA | by Caleb Sima | csima | Medium           Related Microsoft Podcasts:                     Afternoon Cyber Tea with Ann Johnson  The BlueHat Podcast    Microsoft Threat Intelligence Podcast    Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Uncovering Hidden Risks is produced by Microsoft and distributed as part of N2K media network.   
    Show more Show less
    24 mins
  • How to Master Risk and Compliance Initiatives

    How to Master Risk and Compliance Initiatives
    Dec 13 2023
    Patrick Chavez, Chief Privacy Officer at Edward Jones, joins Erica Toelle and guest host Mark Diamond, CEO of Contoural, on this week's episode of Uncovering Hidden Risks. Patrick leads the firm's privacy efforts and develops and implements policies and processes for preparing for and responding to cyber and privacy incidents. He also oversees the firm’s Records and Information Management Program within the Legal Division. He provides legal guidance and advice to the firm’s business areas on eDiscovery, privacy, information and data security and protection, and information governance. Contoural is the largest independent provider of strategic Information Governance consulting services, including records management, privacy, litigation readiness, and employee collaboration. Contoural is also a trusted advisor to more than 30% of the Fortune 500 plus many mid-size and public sector organizations.   In This Episode You Will Learn:      How to successfully execute policies and meet regulatory requirements Management tools for privacy, eDiscovery, and Information Security conflicts How Edward Jones aligns its legal support for privacy and records management. Some Questions We Ask:     How have you seen companies successful in building senior-level support? What is the most significant barrier to creating a unified or federated approach?  How should organizations consider policy creation to ensure they can be executed? Resources:    View Patrick Chavez on LinkedIn View Mark Diamond on LinkedIn View Erica Toelle on LinkedIn                Related Microsoft Podcasts:                   Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast   Microsoft Threat Intelligence Podcast Discover and follow other Microsoft podcasts at microsoft.com/podcasts  Uncovering Hidden Risks is produced by Microsoft and distributed as part of The CyberWire Network.
    Show more Show less
    38 mins
  • Unveil Data Security Paradoxes

    Unveil Data Security Paradoxes
    Oct 25 2023
    Herain Oberoi, General Manager of Data Security, Privacy, and Compliance for Microsoft, joins Erica Toelle and guest host Tina Ying, Senior Product Marketing Manager at Microsoft, on this week's episode of Uncovering Hidden Risks. Microsoft has recently released a new report called the Data Security Index. Erica, Tina, and Herain explain what drove the team to complete this research, release the report, and share valuable insights that can empower organizations to optimize their data security programs.    In This Episode You Will Learn:       Why more tools bring less security, but organizations still adopt them  When organizations should allocate resources to optimize data security  How security leaders can lead their teams with the goal of enhancing all-up security posture  Some Questions We Ask:      How can organizations enhance their data security posture?  Should organizations purchase best-of-suite or best-of-breed solutions?  What advice do you give organizations with the challenge of using isolated solutions?     Resources:     View Herain Oberoi on LinkedIn  View Tina Ying on LinkedIn  View Erica Toelle on LinkedIn    Related Microsoft Podcasts:                   Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast   Security Unlocked     Security Unlocked: CISO Series with Bret Arsenault Microsoft Threat Intelligence Podcast Secure the Job: Breaking into Security       Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Uncovering Hidden Risks is produced by Microsoft and distributed as part of The CyberWire Network.  
    Show more Show less
    21 mins
  • Cloud Security Posture Management: Top Risks and Best Practice Solutions

    Cloud Security Posture Management: Top Risks and Best Practice Solutions
    Sep 27 2023
    Drew Nicholas, Microsoft Principal Security Global Black Belt, joins Erica Toelle and guest host Daniela Villarreal, Sr. Product Marketing Manager for Microsoft Defender for Cloud, on this week's episode of Uncovering Hidden Risks. Drew has spent eight-plus years at Microsoft in different roles. These roles include working for Microsoft's consulting services, Microsoft's customer-facing Incident Response team, and his current position. Drew, Erica, and Daniela provide insight into hidden risks in cloud-native apps to help customers gain visibility and control of their cloud security posture to take a risk-based approach to proactive cloud security.     In This Episode You Will Learn:       How cloud security posture fits into the big picture of security  Qualities organizations should look for in a cloud security posture management tool  How different platforms can help strengthen cloud security posture  Some Questions We Ask:      Regarding cloud-native application development, what security trends have you seen?   Why is cloud security posture so important?  What risks can a unified security posture management approach help address?    Resources:     View Drew Nicholas on LinkedIn  View Daniela Villarreal on LinkedIn  View Erica Toelle on LinkedIn    Related Microsoft Podcasts:            Listen to: Afternoon Cyber Tea with Ann Johnson    Listen to: Security Unlocked       Listen to: Security Unlocked: CISO Series with Bret Arsenault          Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Uncovering Hidden Risks is produced by Microsoft and distributed as part of The CyberWire Network.  
    Show more Show less
    31 mins
  • Cybersecurity 101: What Are the Three Pillars of a Robust Strategy

    Cybersecurity 101: What Are the Three Pillars of a Robust Strategy
    Aug 30 2023
    Cybersecurity is not just a defensive strategy; it can be a powerful driver of an organization's success. In this episode, host Erica Toelle talks to Nashid Shaker, AVP, Information and Cyber Security Strategy at Canadian Western Bank Financial Group, and Antonio Maio, Managing Director at Protiviti, about how to tactically create a cybersecurity strategy that aligns with business goals, fosters trust, and enables innovation. Nash is an experienced and innovative cybersecurity leader passionate about orchestrating secure digital transformations that fuel growth—leveraging a multidisciplinary background in strategic planning and cybersecurity.    In This Episode You Will Learn:       When it’s time to re-evaluate your cybersecurity strategy.  What cybersecurity leaders should think about today to prepare for a future that will use AI.  Predictions for cybersecurity in the next 2-4 years.  Some Questions We Ask:      What is the top risk that organizations tend to overlook?  What are some tips for how cybersecurity leaders should engage with the c-suite?   Can cybersecurity contribute to an organization's bottom line or mission?    Resources:     View Nash Shaker on LinkedIn  View Antonio Maio on LinkedIn  View Erica Toelle on LinkedIn    Related Microsoft Podcasts:                    Listen to: Afternoon Cyber Tea with Ann Johnson    Listen to: Security Unlocked       Listen to: Security Unlocked: CISO Series with Bret Arsenault        Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Uncovering Hidden Risks is produced by Microsoft and distributed as part of The CyberWire Network.  
    Show more Show less
    37 mins
  • How eDiscovery Can Help You Reduce Data and Risks in Three Steps

    How eDiscovery Can Help You Reduce Data and Risks in Three Steps
    Jun 21 2023
    As data volumes continue to balloon, it's becoming clear that the quickest path to victory does not involve the fewest steps. This month's episode of Uncovering Hidden Risks explores ways to defensibly move data minimization decisions upstream to collaboratively expedite the eDiscovery process. EJ Bastien, Director of Discovery Programs at Microsoft, joins Erica Toelle and guest host Caitlin Fitzgerald for the discussion. EJ leads the eDiscovery and Litigation Support team at Microsoft. EJ shares his experience using technology to address the challenges of eDiscovery in the modern cloud world and shares some strategies and best practices to help mitigate risk.       In This Episode You Will Learn:       Advice for organizations trying to handle the growing amount of new data types   Best practices for implementing an effective eDiscovery strategy  Why you should be excited about the future of eDiscovery      Some Questions We Ask:      What trends are you seeing that are affecting the eDiscovery space?  How you are approaching some of the new technology innovations?   What benefits are there to using Purview eDiscovery Premium internally at Microsoft?     Resources:     View EJ Bastien on LinkedIn  View Caitlin Fitzgerald on LinkedIn  View Erica Toelle on LinkedIn    Related Microsoft Podcasts:            Listen to: Afternoon Cyber Tea with Ann Johnson    Listen to: Security Unlocked       Listen to: Security Unlocked: CISO Series with Bret Arsenault          Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Uncovering Hidden Risks is produced by Microsoft and distributed as part of The CyberWire Network.  
    Show more Show less
    22 mins