Skip to content Skip to sidebar Skip to footer
Home Resources Blog Assume breach, Microsoft’s approach and experience on Cloud Security – Webinar 15 June 2020

Assume breach, Microsoft’s approach and experience on Cloud Security – Webinar 15 June 2020

1 minutes reading time

Assume breach, Microsoft’s approach and experience on Cloud Security – Webinar 15 June 2020

In their third webinar, the Cyber Security Coalition Cloud Security Focus Group had Bart Asnot (Technical Solutions Professional – Security Microsoft) explain how Microsoft looks at cloud security.

Main focus of the presentation was on Microsoft’s ‘Prevent Breach’ and ‘Assume Breach’ philosophies, both preparing for cloud security. ‘Prevent Breach’ we’re all familiar with as its goal is to keep the bad guys out. It is being realized by e.g. code reviews, security testing and techniques alike. ‘Assume Breach’, however, focusses on the preparation of your environment, people, processes and technologies to detect actual attacks and penetrations. By identifying and addressing gaps in all of these you will be able to better detect, respond and recover from attacks and penetrations.

To secure their cloud journey Microsoft adapted the Zero Trust model. Depending on the information you want to access, a specific level of trust is required before access can be granted. By evaluating the user identity requesting access, the device used to do so and the information that is to be accessed, the organizational policy decides if access can be granted and which security policy is to be enforced.

To top things off a demo illustrated some of the use cases mentioned.

About the author
Roel Wouters

Roel Wouters

Group Cloud Risk Manager at KBC Group NV
Roel Wouters is Group Cloud Risk Manager at KBC Group. During his fourteen year career at KBC he worked as Information Security Officer, ICT-analyst expert and operational risk manager.
Join our podcast
Please choose your preferred listening platform and language

Spotify

EN

FR

NL

Apple

EN

FR

NL

Join our newsletter

Cyber Pulse keeps you up-to-date on the latest cybersecurity news, community actions and member stories.