How to leverage “Secure Access Workstations” for the Cloud

This is a questions I get fairly often. But before I try to answer, let’s take a step back: We know that attackers typically try to compromise user accounts and then move laterally until they find higher-value credentials. The holy grail in this movement is typically and administrator who uses ... Read More

Decentralized identity and the path to digital privacy

This week the European Identity and Cloud Conference took place, where Joy Chik, Corporate Vice President, Microsoft Identity was talking. She was actually announcing some very interesting efforts around identity and privacy, mainly the work we do around decentralized identity. If you read her blog post here, you will find ... Read More

Shared Responsibility in the Cloud (and how to mess it up)

I am deeply convinced that moving to the Cloud – for most companies – will increase their security dramatically – I would even go that far that a secure future without leveraging the cloud is not possible anymore. However, it does not come “just for free”, you still need to ... Read More

Make No Mistake — Microsoft Is A Security Company Now

That’s not a bad start of the day, reading such a headline from a Forrester analyst. I am often asked, how far we are going to drive security within Microsoft. Well, I guess here you have an answer from an outsider: Make No Mistake — Microsoft Is A Security Company ... Read More
😉

Politician’s Reactions on VIP Hack in Germany

I recently complained about the Swiss government and our inability in Switzerland to really drive Cybersecurity forward (Federal Council not deciding again – Switzerland falling behind on Cybersecurity). It was one of the most-read blog posts I wrote during the last few years… In one of the discussions on LinkedIn ... Read More

Federal Council not deciding again – Switzerland falling behind on Cybersecurity

To be clear upfront: I think that our political system is amongst the best across the Globe. It is one of the purest systems to reflect a democratic process in a direct democracy. This is shown in special initiatives like the “Hornkuh Initiative”, where on farmer from the Swiss mountains ... Read More

An important step toward peace and security in the digital world

I think we are all in agreement that the internet as it is today is a great achievement but there needs to be a certain level of agreement between the different players what should be done and what not. On November 12th, Microsoft and other technology providers like Google, Facebook, ... Read More

Does AI solve it all?

Artificial Intelligence and Machine Learning hold a lot of promises in security. They will help us address the problems around false positives and detecting anomalies. There is a lot of hope and a lot of promises by the vendors in that space. Microsoft invests in this technology as well and ... Read More

Do we really need a CSO?

I was just reading an article called Does Facebook even need a CSO? – initially my reaction was (as most of yours I guess): “What a stupid question, for sure we need a CSO”. However, is this true? Do we really need a CSO? Are there other models which would ... Read More

Confidential Computing – A Silver Bullet for the Cloud?

When it comes to encryption and data we solved different problems. Since the invention of algorithms like DES, 3DESand/or AES symmetric encryption is something we understand and can solve. With RSA and Diffie-Helman key management and key exchange can be implemented with reasonable management overhead. This led to solid and ... Read More