Microsoft describes its Detection and Response Team (DART) as the "cybersecurity team we hope you never meet." In this episode of the HIP Podcast, Sean speaks with Shiva P, a Senior Consultant with Microsoft DART. Together, they delve into the tactics used by threat actors and share best practices for minimizing risk. Drawing from his extensive experience in incident response at Microsoft, Shiva takes us through the cyber kill-chain, from initial access to ransomware extortion, providing essential tips and insights.

Following a cyber incident that compromises Entra ID, an inability to recover critical objects and conditional access policies can bring your business recovery to a standstill. In this episode, Sean talks with Tuna Gezer, Senior Product Manager for Semperis Disaster Recovery for Entra Tenant (DRET), about how Entra ID data recovery differs from on-premises Active Directory. Microsoft is responsible for getting your Entra tenant back online, but not for restoring hard-deleted data—a resource-intensive, time-consuming process. Don’t be caught unprepared; listen to this episode for this important discussion.

Want more great HIP content? Register for this year's Hybrid Identity Protection Conference! Find HIP Conf 24 in New Orleans, November 13-14. BONUS: HIP Podcast listeners get a special 20% discount off HIP Conf 24 tickets! Use promo code HIPConfPod. Register now at https://register.hipconf.com/event/1b968c66-a916-4330-a5a3-577cc76dcc6b/summary.

This week, the HIP Podcast revisits HIP Global 2023! Listen in as our hybrid identity protection experts present lessons learned in the field, helping some of the world’s largest organizations remediate and recover from cyberattacks that targeted Active Directory. Joining Sean in this expert panel:

· Benjamin Cauwel, Security-Senior Manager, Accenture

· Jeff Wichman, Director of Incident Response, Semperis

· Marty Momdjian, Healthcare Strategist-IR, CDW

· Guido Grillenmeier, Principal Technologist, EMEA, Semperis

Anyone who has dealt with the technological side of a merger or consolidation can tell you: Years of technical debt in Active Directory can turn the process into a real headache. In this episode, Michael Masciulli (Managing Director for Migration Products and Services, Semperis) talks with Sean about the necessary steps to keep Active Directory secure during a migration, consolidation, or modernization project; why such efforts fall apart; and some tips and tools to help streamline the process.

Cyberattacks against K-12 schools have soared, tripling between 2018 and 2021 and continuing to climb. With many school districts balancing legacy technology, budget restrictions, and limited staff, fighting off cyber threats can be a daunting challenge. This week, Sean speaks with BJ Welsh, Director of Tech Services for the Carrollton-Farmers Branch Independent School District. CFBISD comprises 25,000 students and 4,000 staff across dozens of schools and service centers throughout North Texas. They discuss lessons learned about incident response from an attempted breach of CFBISD’s Active Directory.

LINKS: CISA Cyber Hygiene Services

What are in-the-trenches pros observing when it comes to Active Directory and identity security in 2023? Ravenswood Technology Group Principal returns to the HIP Podcast to provide updates on current challenges and trends, including Active Directory hardening, PKI, and Tier 0 infrastructure protection.

“[Attackers] don’t hack in, they log in.” In this episode of the HIP Podcast, Sean talks with Jason Rebholz, Corvus Insurance CISO and host of the TeachMeCyber YouTube channel. Jason and Sean discuss the cyber threat landscape the ins and outs of cyber insurance, including what to do (and what not to do) when applying for and utilizing cyber insurance and how to build a strong incident response plan.

Want more great HIP content? Join us for the HIP Global conference in NYC, August 23-24. The best part? It's free to attend! Register today: accelevents.com/e/hip-global-2023.

Who really has access to your applications and critical infrastructure? You’ve probably heard that identity is the new security perimeter. But how far does that perimeter extend? The key is knowing which assets are in Tier 0—the critical control plane that must be secured to protect your organization from cyber threats—and which potential attack paths lead to those assets, including Active Directory (AD). Semperis Senior Director of Security Product Management, Ran Harel, discusses the challenges of AD security and attack path management in hybrid AD environments.

Budgets are tight in 2023. Where should CISOs focus their spending to best promote cyber and operational resilience? In this episode of the HIP Podcast, Sean Deuby talks with Semperis CISO Jim Doggett about the importance of focusing on the fundamentals, how to optimize cyber insurance, and how best to determine priorities in tight economic conditions.