M365.FM - Modern work, security, and productivity with Microsoft 365
Artificial intelligence is transforming cybersecurity faster than any technology before it. But while AI helps defenders automate investigations and respond to incidents faster, it also gives cybercriminals powerful new capabilities. In this episode of the M365 Show, Microsoft MVP, CISO, technology evangelist, and international speaker Mourtaza Fazlehoussen joins Mirko Peters to discuss how organizations can embrace AI without increasing their security risks. FROM CLASSIC CYBERSECURITY TO AI-POWERED DEFENSE Mourtaza shares his journey from programming on MS-DOS systems and Microsoft technologies to leading enterprise security initiatives around the world. Drawing from decades of experience across Europe, Africa, and Asia, he explains how the cybersecurity landscape has evolved from protecting networks to defending identities, cloud platforms, AI workloads, and intelligent agents. The discussion highlights why security today requires continuous adaptation as attackers become increasingly sophisticated with AI-powered techniques. WHY BUYING MORE SECURITY TOOLS DOESN'T MAKE YOU MORE SECURE Many organizations continue investing heavily in cybersecurity products but still struggle to improve their overall security posture. Mourtaza explains why technology alone is never enough. Successful security depends on adoption, governance, integration, operational processes, executive support, and continuous monitoring. Without these elements, even the most advanced security platforms remain underutilized while employees create new risks through Shadow IT and Shadow AI. AI HAS CHANGED THE ATTACKER'S PLAYBOOK The conversation explores how generative AI has fundamentally changed phishing attacks, social engineering, and identity-based threats. Modern attackers no longer send emails filled with grammar mistakes. Instead, they use AI to create highly personalized campaigns based on publicly available information from platforms like LinkedIn. Mourtaza shares a fascinating real-world example of attackers compromising an organization through a malicious restaurant menu PDF after researching employee behavior. MICROSOFT SECURITY COPILOT EXPLAINED What exactly is Microsoft Security Copilot, and how does it differ from Microsoft 365 Copilot? Mourtaza explains that Microsoft Security Copilot is designed specifically for Security Operations Centers (SOC) and security analysts. Rather than replacing security professionals, it acts as an intelligent assistant capable of: * Prioritizing security alerts * Correlating incidents across Microsoft Defender, Sentinel, and Intune * Generating investigation summaries * Accelerating threat hunting * Helping junior analysts perform at a much higher level Unlike Microsoft 365 Copilot, which focuses on productivity, Security Copilot is built to improve incident response and security operations. BUILDING AI GOVERNANCE BEFORE DEPLOYING AI One of the central themes of this episode is AI Governance. Organizations cannot simply deploy AI assistants and hope everything remains secure. They need governance frameworks covering data classification, approved AI services, access control, responsible prompting, compliance requirements, and continuous monitoring. Mourtaza explains how Microsoft Purview, Azure AI Foundry, Microsoft Defender, Microsoft Entra ID, and Microsoft Security Copilot work together to establish responsible AI governance while supporting regulations such as the EU AI Act, GDPR, DORA, CRA, and NIS2. ZERO TRUST IN THE AGE OF AI Zero Trust remains one of Microsoft's core security principles—but AI expands its importance. The discussion covers why organizations must: * Verify every identity * Apply least privilege access * Assume breach * Secure AI agents like human identities * Monitor prompts, data access, and AI behavior continuously As AI systems gain access to business-critical information, identity becomes the new security perimeter. INSIDE A RANSOMWARE INCIDENT Mourtaza walks through the critical first hour after discovering a ransomware attack. He explains the importance of rapid detection, containment, investigation, executive communication, evidence preservation, business continuity planning, and disaster recovery. Microsoft Security Copilot can significantly reduce investigation time by automatically correlating events and generating incident summaries, allowing security teams to focus on response rather than manual analysis. KEY TAKEAWAYS AI is changing cybersecurity for both defenders and attackers. Organizations must combine modern security technology with strong governance, identity protection, Zero Trust principles, and continuous monitoring. Microsoft Security Copilot is an incredibly powerful assistant—but it complements security professionals rather than replacing them. As Mourtaza concludes, governance is the foundation that enables organizations to innovate with AI while maintaining trust, compliance, and resilience. Become a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support [https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support?utm_source=rss&utm_medium=rss&utm_campaign=rss].
718 jaksot
Kommentit
0Ole ensimmäinen kommentoija
Rekisteröidy nyt ja liity M365.FM - Modern work, security, and productivity with Microsoft 365-yhteisöön!