Summary: Executive Summary: John attended an invitation-only Microsoft event focused on cloud security and compliance. Sobering statistics on cyber attack trends and a vast array of topics you can't afford to ignore when it comes to protecting your company's brand and assets. We'll recap. Hosts: John Kresic, Tom Kresic, Mike Kresic Running Time: Microsoft Cloud event: Transparency and Trust, a Security and Legal summit Hosted in Cleveland at Microsoft office on March 12, 2015 Topics Covered: Cyber Security and Cloud Trends, WW Chief Security Advisor Tim Rains How Microsoft Asst General Counsel uses Office365, Dennis Garcia Azure Tech Specialist Delbert Murphy on how Microsoft Cloud is secured MS-IT Principal Program Manager Maya Davis on Azure Adoption panel and lunch Fun Facts: 6B Bing queries/month, 2.4M emails/day for Hosted Exchange, for 400M accounts on Outlook.com, 250M active OneDrive users, 48M Xbox accounts, 50B minutes/month of Skype, 90 markets ww MSFT adopt cloud privacy standard ISO/IEC 27018 Independently verified. See Trust Center Security highlights: 243 DAYS to detect intrusion Daily Breach costs are up 15%YoY to $3.5M/day CEO scale problem now, at $3T lost productivity and growth complexity: on-prem+cloud+hybrid at remote+at work+at home with work devices+personal devices+social media channels Forensics Lab: taking the fight to the cyber criminals (gov collab to take down botnets) staffed with 100 people learnings go into products unique to Microsoft Data Breach Calculator Legal Best Practices Pre-contract framework of Transparency, Protect, Comply, Control Transparency: who are the subs, who easy is an audit reports, DC pinning Protect: who is the privacy regulator that validates, Batman clause (cybercrime fighting ability) Comply: ISO 27001 and 27018; HIPAA and BAA; FISMA; FERPA; CJIS Control: your data ownership; what of 3rd party requests; law enforcement requests and reporting; sue others to protect YOU; (in1H2014, 5 Enterprise Customer requests from Law for 5 users were either rejected or redirected to the actual customer) (Ireland DC for US citizen is in court) Azure specialist Security of hard drives: Hotel California policy (never leave: shredded) Defense in Depth: physical, network, Host Security, app sec, data sec; IAM, configuration and vulnerability scanning, 24/7/365 Incident response Event Calendar: SEE US AT MICROSOFT IGNITE in Chicago May 3-8!
