Highlights from Microsoft’s Virtual Security Summit

Written by Dan Callahan

I'm the VP of Global Services at CGNET. I manage our Cybersecurity and Cloud Services businesses. I also provide consulting and handle a lot of project management. I wear a lot of hats. Professionally, I'm a builder of businesses. Outside of work, I'm a hobby farmer, chef, skier, dog walker, jokester, woodworker, structuralist, husband and father.

March 15, 2018

Written by Dan Callahan

I'm the VP of Global Services at CGNET. I manage our Cybersecurity and Cloud Services businesses. I also provide consulting and handle a lot of project management. I wear a lot of hats. Professionally, I'm a builder of businesses. Outside of work, I'm a hobby farmer, chef, skier, dog walker, jokester, woodworker, structuralist, husband and father.

March 15, 2018

Highlights from Microsoft’s Virtual Security Summit

I joined a “security summit” held this week by Microsoft, to learn more about the state of security from some of their top practitioners. I couldn’t attend the entire event, but I did capture some securityhighlights, which I’ll share here.

  • I didn’t realize that the Peta/NotPetya malware was introduced in an unusual way. Someone infected computer devices in a target company’s supply chain. That was a new one for me.
  • Malware is all about monetization—how to make money. That’s not news. What is new, however, is that some malware takes place to enable cryptocurrency mining.
  • One quote I picked up: “Security is not a binary choice.” Security shouldn’t be thought of as a “do it/don’t do it” choice. It’s about making your organization a less attractive target for hacking than the next organization. You remember the quote about avoiding the bear: “I don’t have to run faster than the bear. I just have to run faster than you.”
  • A new term to me: “the Defender’s Dilemma.” First, you figure out what to do. Then, you do it. Then, you demonstrate that you did the right thing. The last part is critical!
  • There was talk about eventually using Artificial Intelligence to make full remediation decisions. That sounds far in the future. But then, that’s what I used to think about autonomously driven trucks as well.
  • I didn’t understand the value of Windows as a Service when it first came out, other than as a rent-vs-buy choice. But there is an interesting use case: automated patch application, as well as automated operating system updates. We’ve all heard stories about organizations who were hit with malware or viruses and could have avoided the situation had they been up to date on OS patches.

Interesting insights from a space that’s evolving rapidly!

You May Also Like…

How Secure are Password Managers?

How Secure are Password Managers?

We’ve recommended using password managers many times in past posts. (See here and here). But the usual worry still...

You May Also Like…

How Secure are Password Managers?

How Secure are Password Managers?

We’ve recommended using password managers many times in past posts. (See here and here). But the usual worry still...

0 Comments

Translate »
Share This
Subscribe