Microsoft at RSA 2022: Envisioning the future of security

Tech News

Like most of you, I was happy to see the 2022 RSA Conference return to its in-man or woman roots immediately after a two-year electronic hiatus. This year’s occasion was a wonderful good results, drawing 26,000 attendees to 3 days of chopping-edge protection classes, tutorials, seminars, and special occasions at Moscone Centre in San Francisco. The convention integrated much more than 600 speakers and 400-moreover exhibitors, along with hundreds of media reps. Microsoft Stability was on the floor, interacting with clients and protection gurus at Microsoft’s 20-in addition acquired classes, as effectively as showcasing new answers like Microsoft Entra that assistance notice our objective of in depth safety.

I was honored to give a keynote tackle (movie courtesy of RSA Convention) on the long term of cybersecurity, including a search at in which engineering and human knowledge are headed, as well as why generating a far more inclusive and assorted protection workforce will be vital in our protection against evolving threats. Also addressing a subject that’s develop into more urgent with the advancement of the decentralized business, my colleague Bret Arsenault, Microsoft Company Vice President (CVP) and Main Facts Safety Officer (CISO), gave a special presentation on managing Shadow IT. All in all, it was a enjoyment, collegial, and productive 5 times. Let’s search at some of the highlights.

Vasu Jakkal, Corporate Vice President, Microsoft Security, Compliance, Identity and Privacy, speaking at RSA Conference 2022.

Figure 1. Vasu Jakkal gives the keynote address—Innovation, Ingenuity, and Inclusivity: The Potential of Security is Now.

Microsoft Protection Hub—you created it shine

Many thanks to our attendees and some tricky operate by our onsite team, the Microsoft pre-working day party was a big hit. We registered 430 attendees for this all-day party held on June 5, 2022, at Bespoke Celebration Center. Attendees were able to partake in Q&As with safety authorities about Zero Believe in, threat intelligence, multicloud protection, risk management, and how Microsoft is re-envisioning the long term of identification and access with Microsoft Entra.

I hosted Bret Arsenault in a fireside chat about navigating today’s protection problems and my colleague Joy Chik, CVP of Identity and Entry, manufactured a specific presentation on Microsoft Entra and the believe in cloth of identity.

Joy Chik, Corporate Vice President of Identity and Access, speaking at RSA Conference 2022.

Figure 2. CVP of Identity and Obtain Joy Chik speaks at the 2022 RSA Conference.

Attendees also enjoyed our immersive walkthrough artwork expertise (and of study course, the customized swag bar). A lot of friends took edge of the reception to network with other stability professionals and reconnect with old pals. It was good to see some common faces and share new insights with defenders throughout our community—a major thank you to every person who joined us!

Visitors explore the Microsoft Security Hub and network with other security professionals.

Determine 3. Attendes network at the Microsoft Protection Hub.

Microsoft experienced a booth at the North Expo of RSA which showcased Microsoft detailed protection alternatives across our 6 solution people: Microsoft Entra, Microsoft Endpoint Supervisor, Microsoft Defender, Microsoft Sentinel, Microsoft Purview, and Microsoft Priva. Additional than 7,300 persons frequented the Microsoft booth.

People explore the Microsoft Security booth at RSA Conference 2022.

Determine 4. Microsoft Security booth at RSA Convention 2022.

Standout classes

Microsoft speakers appeared in extra than 20 earned periods at this year’s RSA, addressing everything from offer chain attacks to ransomware, botnets, and means to guard our democracy. We also hosted 40 periods in our booth. Some of our most well-known sessions incorporated:

  • Practical Learnings for Danger Hunting and Increasing Your Protection Posture: Hosted by Jessica Payne, Principal Protection Researcher and Danger Intelligence Strategist at Microsoft, and Simon Dyson, Cyber Protection Functions Centre Guide in NHS Digitals Knowledge Protection Centre, this 50-minute session dealt with menace searching and stability posture enhancements from a danger intelligence-informed perspective. Attendees acquired insights from Jessica’s practical experience in demystifying and defusing serious-planet ransomware assaults. They also received a to start with-hand recounting of Simon’s do the job securing the complicated network managed by England’s Nationwide Well being Assistance (NHS) in the course of the pandemic, and how his team’s expertise can benefit all of us.
  • Conti Playbook: Infiltrate the Most Rewarding Ransomware Gang: Members uncovered how a disgruntled affiliate exposed one particular of the most infamous ransomware gangs, divulging its ransomware-as-a-assistance (RaaS) insider secrets to assistance consider them down. This immersive, arms-on workshop guided attendees via a usual Conti assault sequence and supplied ideas to defend in opposition to advanced persistent threats. Thanks to Tom D’Aquino, Fabien Guillot, and Arpan Sarkar of Microsoft spouse Vectra AI for this presentation.
  • Microsoft Defender Gurus for Looking Has Acquired Your Back again: Abhishek Agarwal, Main Safety and Engineering Officer at Helix Biotech, examined threat hunting’s virtuous cycle: observe, hunt, and evaluate. Specifically, attendees learned how Microsoft Defender Experts for Looking uses AI to attain all three parts of the cycle more quickly, furnishing automatic detection, hunting, and assessment to aid the workforce observe and stop threats throughout the company’s multi-national business.
  • Microsoft Stability Research—How We Responsibly Disclose Vulnerabilities to Apple, Google, and the Linux Group: Jonathan Bar Or, Principal Security Researcher at Microsoft, mentioned how disclosing bugs makes the world safer and rewards customers, as effectively as giving Microsoft Safety a improved knowledge of the technologies we perform to protect.​ The objective is to problem our have detections and show product or service truth—making Microsoft Defender more robust by complicated our individual blue groups.​
  • Resolve Secure Entry Needs for Workload Identities with Microsoft Entra: Microsoft Product or service Professionals Nick Wryter and Sandy Jiang led this useful session on the phenomenon of exploding workload identities. At this time, workload identities outnumber person identities 5 to just one the problem staying that quite a few traditional identity and entry administration alternatives really don’t handle these commonplace and often above-permitted identities. Nick and Sandy explained how the new Microsoft Entra addresses this challenge by supplying a in depth see of every single motion executed by any identity on any useful resource, detecting anomalous permission utilization at cloud scale.
  • Monitoring Extremely Evasive APTs with Vectra Detect & Microsoft Sentinel: Tom D’ Aquino, Senior Safety Engineer at Vectra AI, led this demonstration of real-existence risk-hunting applying Vectra Detect and Microsoft Sentinel. Tom demonstrated authentic-globe workflows for risk tracking, like person menace severity, lateral movement, threat targets, and additional.
  • The Change of “Why” and “How” of Ransomware Attacks How Microsoft Aids Customers Endure Ransomware: Led by MacKenzie Brown of Microsoft’s Detection and Reaction Workforce (DART), this session examined the how and why guiding the modern increase in ransomware attacks. Attendees discovered how attackers have advanced their techniques to exert least work for highest return on expenditure (ROI), and why DART’s methodology can aid you defeat them.

Shining a mild on Shadow IT

Shadow IT can be broadly outlined as a “set of apps, solutions, and infrastructure that are made and managed exterior of outlined corporation benchmarks.” These forms of advertisement-hoc units can pose a compliance threat, particularly for protection, privateness, data governance, and accessibility. Like any corporation, Microsoft has not been immune to the proliferation of Shadow IT.

Vasu Jakkal and Bret Arsenault  on stage at the Microsoft pre-event.

Figure 5. Vasu Jakkal and Bret Arsenault discuss at the Microsoft pre-day party.

In preserving with our dedication to stability for all, Microsoft CVP and CISO Bret Arsenault gave a exclusive presentation on June 8, 2022, addressing Microsoft’s tactic to managing Shadow IT. Bret reviewed how Microsoft’s protection team is enabling engineers and builders to develop and operate protection abilities in the cloud, as properly as Microsoft’s three primary ideas for handling and addressing Shadow IT. For attendees wanting to study far more, we followed up the party with a free of charge white paper on handling Shadow IT.  We’ve also manufactured Bret’s presentation slides available to all people.

2022 Excellence Awards

The Microsoft Security Excellence Awards (formerly Microsoft Safety 20/20 Awards) recognize Microsoft Intelligent Stability Affiliation (MISA) members’ achievements during the earlier 12 months. This year’s 10 award groups have been very carefully picked to figure out the exclusive ways MISA members aid their prospects and assistance improve Microsoft stability goods. Our cross-purposeful panel carefully examined hundreds of nominations, narrowing the field to just three finalists for each group.

In the spirit of collaboration, Microsoft and MISA customers alike voted on the winners. Immediately after supper and cocktails, the awards were being handed out at the San Francisco Design Heart by Microsoft executives Phil Montgomery, Andrew Conway, Alym Rayani, Irina Nechaeva, Desmond Forbes, Sue Bohn, Mandana Javaheri, Madhu Prasha, Scott Woodgate, and myself. MISA users are a important element of our strategy to complete protection. We’re grateful for their vision and determination to our shared mission of aiding buyers do far more, safely and securely. To all of this year’s finalists and winners—congratulations!

Thorough protection calendar year-round

Microsoft now guards 785,000 consumers around the globe, such as our individual digital estate. Our purpose is to offer detailed security for our prospects when enabling bigger security for our shared on line globe. Microsoft’s most effective-in-breed defense, developed-in intelligence, and simplified management integrates a lot more than 50 products categories in 6 product families, making it possible for you to be fearless in the pursuit of your eyesight.  Our newest item relatives, Microsoft Entra, can help fulfill that mission by building a safe entry place for stop-to-close safety. Entra gives a unified admin centre for Azure Lively Directory (Azure Ad), Entra Permissions Management, and Entra Verified ID in which your firm can speedily validate and protected just about every id or accessibility request—all in 1 place.

Our dedication to detailed safety also signifies providing the most current investigate and to start with-hand awareness to assist maintain your group secure. You can understand extra at Cyber Indicators, a cyberthreat intelligence brief drawn from the most recent Microsoft info and study. If you attended RSA and engaged with Microsoft, make sure you take a number of minutes to reply to our RSAC 2022 survey so we can carry on to boost your encounter. My thanks to anyone who attended, and we’ll see you following year!  

To find out a lot more about Microsoft Protection options, visit our website. Bookmark the Security blog to preserve up with our skilled coverage on protection issues. Also, comply with us at @MSFTSecurity for the most recent news and updates on cybersecurity.

Sharing is caring!

Facebook Comments

Leave a Reply