Uncovering Hidden Risks

Christian Koberg Pineda, Principal Security DevOps Engineer, Cloud Security & Innovation, Falabella joins Erica Toelle and guest host Bojan Magusic, on this week's episode of Uncovering Hidden Risks. In today's episode Erica, Christian and Bojan explore the complexities of managing security across multiple cloud platforms, highlighting the importance of standardization and centralized management. They also cover some of the challenges in identity management, securing cloud-native applications, and the evolving role of AI in both enhancing and threatening cloud security. Christian and Bojan share with Erica the need for innovative, adaptable approaches to stay ahead in the rapidly changing cloud security landscape. 

 
In This Episode You Will Learn:       
Importance of standardization and centralization for security solutions 
Centralizing identity management to handle multiple identity providers 
Implementing security checks in development pipelines to detect vulnerabilities 

Some Questions We Ask:     
What should organizations consider when standardizing CSPM across multiple clouds? 
How can organizations defend against next-gen AI attacks on cloud infrastructure? 
What future factors will impact securing multi-cloud environments? 

Resources:    
Download the “2024 State of Multicloud Security Report" today to identify your greatest risks and learn actionable strategies for strengthening multicloud security. 
  
View Christian Koberg Pineda on LinkedIn
View Bojan Magusic on LinkedIn  
View Erica Toelle on LinkedIn        
        
Related Microsoft Podcasts:                   
Afternoon Cyber Tea with Ann Johnson 
The BlueHat Podcast   
Microsoft Threat Intelligence Podcast 

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Uncovering Hidden Risks is produced by Microsoft and distributed as part of N2K media network.   
Hosted on Acast. See acast.com/privacy for more information.

Giulio Astori, Principal PM at Microsoft, joins Erica Toelle and guest host Yuri Diogenes on this week's episode of Uncovering Hidden Risks. Giulio Astori works as a Principal Program Manager for Microsoft Defender for Cloud and Yuri has been at Microsoft for the past 18 years and manages a Product Management team for the Defender for Cloud Product. In this discussion, Giulio delves into the world of Cloud Native Application Protection Platforms (CNAPPs), explaining their significance and utility in enhancing cloud security and protecting workloads. He explores the distinction between CNAPPs and Cloud Security Posture Management, shedding light on their roles in bolstering organizational security. 
 
In This Episode You Will Learn:      
What a Cloud Native Application Protection Platform is and why it's useful 
The difference between CNAPP and Cloud Security Posture Management 
How organizations can start to plan for CNAPP adoption 

Some Questions We Ask:      
Why is a CNAPP crucial for improving Cloud security and workload protection? 
Do you have any tips for how organizations can increase their maturity level?  
What distinguishes CNAPP from Cloud Security Posture Management in bolstering security? 
 
Resources:    
View Giulio Astori on LinkedIn  
View Yuri Diogenes on LinkedIn 
View Erica Toelle on LinkedIn        

From planning to deploying to operationalizing, the complete guide to implementing a CNAPP strategy is here - aka.ms/mscnapp
        
Related Microsoft Podcasts:                
Afternoon Cyber Tea with Ann Johnson 
The BlueHat Podcast   
Microsoft Threat Intelligence Podcast 

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
 
Uncovering Hidden Risks is produced by Microsoft and distributed as part of N2K media network.   
Hosted on Acast. See acast.com/privacy for more information.

Beau Faull, Technology Specialist at Microsoft and Asia Security Strategy Leader, Dmitry Butko,  join guest host Manny Sahota on this week's episode of Uncovering Hidden Risks. Today's episode sets the stage for a detailed exploration of regulatory challenges, cybersecurity trends, and Microsoft's approach to ensuring regulatory readiness in the digital landscape. Beau discusses Australian and global regulations, emphasizing the need to meet industry standards like GDPR and the Essential 8, while Dmitry expresses excitement about the increasing focus on regulatory compliance. The discussion highlights the complexities of balancing technology solutions with regulatory compliance, the importance of responsible data management practices, and the evolving culture of cybersecurity within organizations. 
 
In This Episode You Will Learn:      
The vital role of general counsel in tech solutions and compliance decisions
Misconception surrounding AI's role in surfacing security issues within organizations 
The importance of aligning technology solutions with regulatory requirements 

Some Questions We Ask:      
How Microsoft integrates security in product development? 
What are some global cybersecurity trends, particularly in regions like Australia? 
How does Microsoft Copilot ensure global regulatory compliance? 
   
Resources:    
View Beau Faull on LinkedIn  
View Dmitry Butko on LinkedIn 
View Manny Sahota on LinkedIn  
View Erica Toelle on LinkedIn        
        
Related Microsoft Podcasts:                  
Afternoon Cyber Tea with Ann Johnson 
The BlueHat Podcast   
Microsoft Threat Intelligence Podcast 

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
 
Uncovering Hidden Risks is produced by Microsoft and distributed as part of N2K media network.   
Hosted on Acast. See acast.com/privacy for more information.

Jef Kazimer, Microsoft's Principal Product Manager, and Bailey Bercik, Senior Product Manager, join Erica Toelle and guest host Lisa Huang-North on this week's episode of Uncovering Hidden Risks. Today's episode will focus on security in the era of cloud and AI, with insights from Microsoft Security's product team. It will encompass AI-driven security measures, data protection, identity management, and compliance in the cloud while providing valuable insights for professionals navigating the evolving landscape of cloud security and AI's influence on it. Together, they discuss the importance of basic security hygiene, the implications of sophisticated AI-based attacks, and the necessity of adopting a defense-in-depth strategy to protect against emerging threats. 
 
In This Episode You Will Learn:      
The use of generative AI in attack vectors like phishing and social engineering 
Principles of zero trust and how they apply to AI systems 
Challenges and opportunities for securing identity and access in 2024  

Some Questions We Ask:      
How can organizations leverage Microsoft’s Zero Trust framework to protect their data? 
What are the best practices when implementing passwordless authentication? 
Are the principles of Zero Trust still relevant to this new wave of threats? 
  
Resources:    
View Lisa Huang-North on LinkedIn  
View Jef Kazimer on LinkedIn  
View Bailey Bercik on LinkedIn  
View Erica Toelle on LinkedIn     

MITRE ATLAS: MITRE | ATLAS™
Book: Not with a Bug but with a Sticker
Blog Post: Demystifing LLMs and Threats. Based off of my presentation for CSA | by Caleb Sima | csima | Medium 
        
Related Microsoft Podcasts:                    
Afternoon Cyber Tea with Ann Johnson 
The BlueHat Podcast   
Microsoft Threat Intelligence Podcast 
 
Discover and follow other Microsoft podcasts at microsoft.com/podcasts  
 
Uncovering Hidden Risks is produced by Microsoft and distributed as part of N2K media network.   
Hosted on Acast. See acast.com/privacy for more information.

Patrick Chavez, Chief Privacy Officer at Edward Jones, joins Erica Toelle and guest host Mark Diamond, CEO of Contoural, on this week's episode of Uncovering Hidden Risks. Patrick leads the firm's privacy efforts and develops and implements policies and processes for preparing for and responding to cyber and privacy incidents. He also oversees the firm’s Records and Information Management Program within the Legal Division. He provides legal guidance and advice to the firm’s business areas on eDiscovery, privacy, information and data security and protection, and information governance. Contoural is the largest independent provider of strategic Information Governance consulting services, including records management, privacy, litigation readiness, and employee collaboration. Contoural is also a trusted advisor to more than 30% of the Fortune 500 plus many mid-size and public sector organizations.  

In This Episode You Will Learn:     

How to successfully execute policies and meet regulatory requirements

Management tools for privacy, eDiscovery, and Information Security conflicts

How Edward Jones aligns its legal support for privacy and records management.

Some Questions We Ask:    

How have you seen companies successful in building senior-level support?

What is the most significant barrier to creating a unified or federated approach? 

How should organizations consider policy creation to ensure they can be executed?

Resources:   
View Patrick Chavez on LinkedIn
View Mark Diamond on LinkedIn
View Erica Toelle on LinkedIn       
       
Related Microsoft Podcasts:                  

Afternoon Cyber Tea with Ann Johnson

The BlueHat Podcast  

Microsoft Threat Intelligence Podcast

Discover and follow other Microsoft podcasts at microsoft.com/podcasts 

Uncovering Hidden Risks is produced by Microsoft and distributed as part of The CyberWire Network.
Hosted on Acast. See acast.com/privacy for more information.