speaking of security: risk management
TRANSCRIPT
![Page 1: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/1.jpg)
Speaking of security: Risk management
1
![Page 2: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/2.jpg)
What we’ll cover today
Security focus
Microsoft digital security strategy
Risk management process
Key actions
Q&A
![Page 3: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/3.jpg)
Iden
tity
Man
ag
em
en
t
Security focus
![Page 4: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/4.jpg)
2019 Digital security strategy
SER
VIC
ES
Information Protection
Data & Telemetry
Identity Management
Device HealthAssuranceRisk Management
![Page 5: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/5.jpg)
![Page 6: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/6.jpg)
Our risk management focus
![Page 7: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/7.jpg)
The possibility that events will occur and
affect the achievement of strategic,
operational, financial, and
legal/compliance objectives
Enable Board Governance
Enable senior leaders to make risk informed decisions
& remove remediation road-blocks in an effective,
efficient, and consistent manner.
Identify, prioritize, and report the most critical risks to
key company strategies
7
How we think about risk
![Page 8: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/8.jpg)
• Information Risk Management Council
![Page 9: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/9.jpg)
Security governance
Information Risk Management Council
How do we manage enterprise risk?
The mission of the Information Risk Management Council (IRMC) program is to enable a risk-based approach for managing information security, physical security, and customer and employee privacy related matters
9
Identify Protect Detect Respond Recover
![Page 10: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/10.jpg)
![Page 11: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/11.jpg)
EVP/CVP
(e.g., C+AI, E+D)
(e.g., C+AI, Gaming, E+D) CVP/VP
(e.g., C+AI only)
GM/Partner
![Page 12: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/12.jpg)
![Page 13: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/13.jpg)
Ensure data is actionable
13
Educate and leverage senior business leadership
Know your threat landscape
Ensure the group is willing to make the hard calls
Start with a coalition of the willing
![Page 14: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/14.jpg)
• Fostering a risk-based culture to secure the enterprise
• Speaking of security: A discussion with Bret Arsenault, CISO at Microsoft
• Integrating security into the mobile app development life cycle
• Building cloud apps using the Secure DevOps Kit for Azure
• Microsoft Security Intelligence Report
![Page 15: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/15.jpg)
Microsoft IT ShowcaseHow Microsoft does IT
Visit the websitemicrosoft.com/itshowcase
![Page 16: Speaking of security: Risk management](https://reader031.vdocument.in/reader031/viewer/2022012915/61c62758a45d6f061f094930/html5/thumbnails/16.jpg)
Actions & Deliverables
Recommendations & Escalations
Sponsorship & Decisions
Strategy & Directions
Board Updates