Trevor Failor on LinkedIn: AD Forest Recovery & SaaS Identity Risk Management (2024)

The latest update for #RiskOptics includes "The Benefits of Using a #Compliance-Oriented DataManagement Platform" and "Key Steps to Improving Strategic #VendorManagement". #cybersecurity #riskmanagement https://lnkd.in/de73fkJ8

The latest update for #RiskOptics includes "Identifying Assets for IT Risk Analysis" and "The Benefits of Using a #Compliance-Oriented Data Management Platform". #cybersecurity #riskmanagement https://lnkd.in/de73fkJ8

Microsoft 365, Four Ways- Github free version w ~80 inspectors- 24-7 monitoring with our MDR ingestion of Microsoft 365 logs- Full-service Microsoft 365 assessments- Productization Soteria Inspect for Microsoft 365, licensed software, >200 Inspectors#microsoft365 #innovation#informationsecurity #manageddetectionandresponse #incidentresponse

7

Enh, I don't need to know my data security posture.....Any interesting takeaway from this article - in reference to willful blindness:𝘛𝘩𝘢𝘵 𝘮𝘦𝘢𝘯𝘴 𝘤𝘰𝘮𝘱𝘢𝘯𝘪𝘦𝘴 𝘴𝘩𝘰𝘶𝘭𝘥 𝘩𝘢𝘷𝘦 𝘤𝘰𝘯𝘵𝘪𝘯𝘶𝘰𝘶𝘴 𝘷𝘪𝘴𝘪𝘣𝘪𝘭𝘪𝘵𝘺 𝘪𝘯𝘵𝘰 𝘢𝘭𝘭 𝘵𝘩𝘦𝘪𝘳 𝘥𝘪𝘨𝘪𝘵𝘢𝘭 𝘢𝘴𝘴𝘦𝘵𝘴, 𝘱𝘳𝘪𝘰𝘳𝘪𝘵𝘪𝘻𝘦 𝘩𝘢𝘯𝘥𝘭𝘪𝘯𝘨 𝘮𝘪𝘴𝘤𝘰𝘯𝘧𝘪𝘨𝘶𝘳𝘢𝘵𝘪𝘰𝘯𝘴, 𝘢𝘯𝘥 𝘢𝘥𝘥𝘳𝘦𝘴𝘴 𝘧𝘪𝘯𝘥𝘪𝘯𝘨𝘴 𝘧𝘳𝘰𝘮 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘢𝘶𝘥𝘪𝘵𝘴. 𝘌𝘹𝘦𝘤𝘶𝘵𝘪𝘷𝘦𝘴 𝘮𝘶𝘴𝘵 𝘩𝘢𝘷𝘦 𝘤𝘰𝘮𝘮𝘢𝘯𝘥 𝘰𝘷𝘦𝘳 𝘵𝘩𝘦𝘪𝘳 𝘥𝘪𝘨𝘪𝘵𝘢𝘭 𝘦𝘴𝘵𝘢𝘵𝘦 𝘢𝘯𝘥 𝘸𝘰𝘶𝘭𝘥 𝘣𝘦𝘯𝘦𝘧𝘪𝘵 𝘧𝘳𝘰𝘮 𝘶𝘴𝘪𝘯𝘨 𝘢𝘥𝘷𝘦𝘳𝘴𝘢𝘳𝘪𝘢𝘭 𝘢𝘯𝘥 𝘥𝘪𝘴𝘤𝘭𝘰𝘴𝘶𝘳𝘦 𝘵𝘩𝘪𝘯𝘬𝘪𝘯𝘨.Long known for securing backup data, Rubrik extends what can be done when you have observability into ALL of your corporate data. Rubrik DSPM provides agile data security across multi-cloud environments using cutting-edge preventive and detective controls for posture management, access governance, threat monitoring, and response.#Rubrik #dspm #cyberresiliencehttps://lnkd.in/eVRvgpeM

8

Your business likely runs on the Microsoft 365 platform. Our team has deep expertise in defending it. - Our Incident Response team continues to respond to cyber attacks and security incidents centered around Microsoft 365- We built a Managed Detection and Response (MDR) offering specifically for the M365 platform, helping businesses like yours better defend against these targeted threats- We engineered our own custom detections based, in part, on lessons learned from the Incident Response side of our business, providingyou the benefits of our IR experiences - We released a free and open source tool, 365Inspect, to help organizations identify security misconfigurations or ‘by default’ settings that can pose cybersecurity risk The tool is still maintained, and now has ~80 inspectors covering the suite of M365 products (it can be found here https://lnkd.in/dx_395R)- We developed Soteria Inspect for Microsoft 365 to deliver, at scale, a Software-as-a-Service based solution to allow businesses like yours to identify, remediate, and track over time, your M365 configurations It provides added visibility to help enhance your security posture and ultimately reduce your cybersecurity risk.Soteria Inspect for Microsoft 365 has a simple onboarding process, has over 200 Inspectors (and growing!), and regularly introduces new features. You can learn more here https://lnkd.in/gaWWcQXh So what's next?To continue to multiply the impact of our team and help more organizations protect their M365 environments, we are excited to introduce and publish our curated and managed set of detections, available on the LimaCharlie Security Operations platform. More to follow on this soon!

33

Having a password management strategy is critical, especially during an attack on your organization. Knowing that you can rotate passwords quickly without taking systems down and limiting an attacker's lateral movement is vital for business continuity.https://lnkd.in/dBMkkKdd

4

Security Capabilities and Maturity are reflected in the management systems that manage information security. For example, they are compliant with the #ISO27001 Information Security Management System international standard. Implementing #informationsecurity management systems based on the ISO/IEC 27001 standard will allow organisations to carry out information security risk management activities and processes based on the #ISO27005 standard to address information security risks, the implementation and operations of risk-based #securitycontrols, and the continuing monitoring and improvement of the system to evolve and dynamically adjust to the #businesslandscape and the business' #threatlandscape.Strong "Security Principles" go way beyond technology and processes and are centred on business context, leadership, and governance—that is, Governance, Risk, and Compliance (#GRC). As a result, addressing security and the #securityculture begins in the #boardroom and/or among #seniorexecutives to promote a strong #cultureofsecurity, improve #digitaltrust and security reputation, and build a secure community among all stakeholders.Contact us today to start your NextSecurity venture - info@carisec.global#cyberriskmanagement #compliance #exploit #vulnerability #securityleadership #advisoryhttps://lnkd.in/eRUPmtWy

4

🚦 💡In today's business environment, it is essential to move beyond common reactive trends. Proactive implementation of #offensivesecurity in the #boardrooms and among #executives is necessary to achieve common #businessrisks strategies and goals, effectively managing #cyberrisk and #informationsecurityrisks.#digitalliabilities #thirdpartyrisks #supplychainriskmanagement #compliance #securityleadership

1

The latest update for #RiskOptics includes "Safeguard Your Business From the Risks of Social Media" and "SEC Adopts Cyber Disclosure Rule". #compliance #cybersecurity #riskmanagement https://lnkd.in/de73fkJ8

Microsoft Purview Insider Risk provides a risk level per user, this risk level is now also available in Conditional Access. This provides a new set of interesting scenario's to proactively block users who pose a risk to the organization. #ZeroTrust #Security #MicrosoftPurview #EntraId https://buff.ly/3VXedQ7

8