Q&A
Q&A: Protecting Data with Microsoft 365
Microsoft 365 solutions architect Vanessa Toves breaks down some of the biggest hurdles for enterprise IT when it comes to keeping internal data safe.
As threats to Microsoft 365 environments continue to evolve, so too must the strategies and skills of IT professionals tasked with protecting them. Ahead of her upcoming session, titled "Protecting Microsoft 365 Data from Cyber Attacks" at the upcoming Cybersecurity & Ransomware Live! virtual conference, Vanessa Toves, a Microsoft 365 solutions architect at Druva, offers her insights on incident response, the NIST 2.0 framework and the shifting threat landscape for Microsoft 365.
Make your plans to join us (virtually) for this year's Cybersecurity & Ransomware Live! Virtcon, May 13 to 15. Register by our extended early bird deadline to save $300!
Redmondmag: Your upcoming session emphasizes the importance of theNIST 2.0 framework in Microsoft 365 security. Can you briefly explain why this framework is critical for incident response?
Toves: It's common for Microsoft 365 admin, developers, etc. to not be involved with cybersecurity. This is the critical point of my session. They must step up their knowledge how the Microsoft 365 ecosystem is attacked and understand the roles and activities involved in responding to a cyber incident. By not educating themselves, they would be faced with an even more stressful situation if they were attacked.
Microsoft 365 is a major investment for many organizations. What are the biggest threats to Microsoft 365 data today, and how can companies proactively defend against them?
Microsoft has identified compromised credentials and compromised endpoints as the top entry points for criminals. Securing the perimeter and continued education on avoiding fishing and investing a data protection for Microsoft 365 and Entra ID data.
Many organizations struggle with recovery and remediation after a cyberattack. What are the key steps IT teams should take to restore operations while minimizing risk?
The first and most important role a backup has for organizations is it provides options. If an organization does not have a backup, they are limited to what their options of recovery are. Secondly, data protection vendors like Druva are building features specifically to compliment cyber security needs.
With over 25 years of experience in IT and Microsoft technologies, how have you seen the threat landscape evolve, particularly for Microsoft 365 environments?
There's no end in sight for what or how criminals are doing to monetize disruption. These criminals are sophisticated. They are patient. They don't stop. Data protection were primarily focused on use cases of loss from accidental or even update or patch related, but now, it is just as essential as the investment organizations make in protecting the perimeter. Companies are slowly realizing that their investment has to go beyond the SaaS platform they licensed and that they are responsible for their own data.
Gain More Insight at Toves' "Protecting Microsoft 365 Data from Cyber Attacks" Virtual Session
This session will equip Microsoft 365 professionals with essential knowledge of incident response using the NIST 2.0 framework as a foundation. Attendees will gain insights into how to identify evidence of attacks, understand the scope and containment of incidents, and implement recovery and remediation strategies effectively.
Whether you're in IT, development, or security, this session is designed to help you better protect your Microsoft 365 investment and prepare for the realities of modern cyber threats. Join us at Cybersecurity & Ransomware Live! Virtcon to expand your toolset.
Register now to save $300 with our extended early bird offer!