SECURITY OPERATIONS MANAGEMENT IMMERSIVE PROGRAM

MODULE #1: MANAGING INFORMATION SYSTEMS SECURITY

MODULE #2: MONITORING ZERO-TRUST

Overview and landing page: Zero Trust Deployment Center

Today, organizations need a new security model that effectively adapts to the complexity of the modern environment, embraces the mobile workforce, and protects people, devices, applications, and data wherever they are located.

This is the core of Zero Trust. Instead of believing everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originated from an uncontrolled network. Regardless of where the request originates or what resource it accesses, the Zero Trust model teaches us to โ€œnever trust, always verify.โ€

Guiding principles of Zero-Trust

Guiding principles of Zero-Trust

#CloudComputing #ZeroTrust #CyberSecurity

Introduction with Microsoftโ€™s view on Zero Trust

[Article] Zero Trustโ€”Part 1: Networking

#ZeroTrust #Networking #ModernIT #CyberSecurity

[Article] Zero Trust Adoption: Managing Risk with Cybersecurity Engineering and Adaptive Risk Assessment

[Article]Elemental moving pieces of #ZeroTrust in the Microsoft ecosystem

[๐—”๐—ฟ๐˜๐—ถ๐—ฐ๐—น๐—ฒ] ๐— ๐—ถ๐—ฐ๐—ฟ๐—ผ๐˜€๐—ผ๐—ณ๐˜ ๐—ญ๐—ฒ๐—ฟ๐—ผ ๐—ง๐—ฟ๐˜‚๐˜€๐˜ ๐—ฑ๐—ฒ๐—ฝ๐—น๐—ผ๐˜†๐—บ๐—ฒ๐—ป๐˜ ๐—ด๐˜‚๐—ถ๐—ฑ๐—ฒ ๐—ณ๐—ผ๐—ฟ ๐˜†๐—ผ๐˜‚๐—ฟ ๐—ฎ๐—ฝ๐—ฝ๐—น๐—ถ๐—ฐ๐—ฎ๐˜๐—ถ๐—ผ๐—ป๐˜€

[Article]What we learned when moving to Zero Trust Network Architecture at Microsoft

Zero Trust Network Architecture at Microsoft

[๐—”๐—ฟ๐˜๐—ถ๐—ฐ๐—น๐—ฒ] ๐——๐—ถ๐—ด๐—ถ๐˜๐—ฎ๐—น ๐—ฒ๐—บ๐—ฝ๐—ฎ๐˜๐—ต๐˜† ๐˜€๐—ต๐—ผ๐˜‚๐—น๐—ฑ ๐—ด๐˜‚๐—ถ๐—ฑ๐—ฒ ๐˜†๐—ผ๐˜‚๐—ฟ ๐—ญ๐—ฒ๐—ฟ๐—ผ ๐—ง๐—ฟ๐˜‚๐˜€๐˜ ๐—ถ๐—บ๐—ฝ๐—น๐—ฒ๐—บ๐—ฒ๐—ป๐˜๐—ฎ๐˜๐—ถ๐—ผ๐—ป

[Article]Supply Chain Risk Management for Zero Trust with Microsoft Azure (6 of 6)

Supply chain Risk Management

A new, great sample blueprint is here! [News] New Azure Security Benchmark Foundation helps organizations embrace zero trust https://devblogs.microsoft.com/azuregov/new-azure-security-benchmark-foundation-helps-organizations-embrace-zero-trust/

Azure Security Benchmark Foundation

Consolidated information for securing the Cloud perimeter [Article] Microsoft Ignite 2019 โ€“ Securing Your Cloud Perimeter With Azure Network Security

#Azure #CyberSecurity #Firewall #Zerotrust

[Article] In a Zero Trust World, Compliance Doesnโ€™t Equal Security https://nextgov.com/ideas/2020/12/zero-trust-world-compliance-doesnt-equal-security/171046/

Compliance doesn't equal

MODULE #3: CYBERSECURITY MATURITY MODEL COMPLIANCE (CMMC)

Cybersecurity Maturity Model Certification (CMMC) is a new standard introduced by the US Department of Defense (DoD), which is intended to measure and certify Defense Industrial Base (DIB) contractorsโ€™ ability to safeguard Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) in accordance with Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012 regulations.

CMMC Maturity Progression

  1. Level-100: Microsoft Product Placemat for CMMC
  2. Level-200: Technical Guide

The guide is organized in sections for each of the domains of CMMC L3, beginning with Access Control:

LEVEL-3 COMPLIANCE

Meeting CMMC L3 on Azure using Blueprints, Policies and Security Compliance Dashboard

[Article]Meeting CMMC Level 3 on Azure

Azure Sentinel Cybersecurity Maturity Model Certification (CMMC) Workbook

The Azure Sentinel CMMC Workbook provides a mechanism for viewing log queries aligned to CMMC controls across the Azure cloud including Microsoft security offerings, Office 365, Teams, Intune, Windows Virtual Desktop and many more. This workbook enables Security Architects, Engineers, SecOps Analysts, Managers, and IT Pros to gain situational awareness for the security posture of cloud workloads. There are also recommendations for selecting, designing, deploying, and configuring Microsoft offerings for alignment with respective CMMC requirements and practices. The workbook features 250+ control cards aligned to the 17 CMMC control families across all 5 maturity levels with selectable GUI buttons for navigation.

Microsoft Product Placemat for CMMC

The Microsoft Product Placemat for Cybersecurity Maturity Model Certification (CMMC) Level 3 (Preview) is an interactive view representing how Microsoft cloud products and services may satisfy requirements for CMMC practices.

The Microsoft Product Placemat for CMMC is especially useful when paired with the Microsoft Technical Reference Guide for CMMC. The Technical Reference Guide

Microsoft CMMC Acceleration Program

Microsoft is actively building out their CMMC program by developing resources for both partners and Defense Industrial Base (DIB) companies to leverage in their Cybersecurity Maturity Model Certification (CMMC) journey. These tools cannot guarantee a positive CMMC adjudication, but they may assist candidate organizations by improving their CMMC posture by going into a formal CMMC review in accordance with CMMC Accreditation Body standards.

While Microsoft is planning to release their resources and guidance in waves, please keep in mind that they are dependent upon the CMMC Accreditation Body finalizing the CMMC guidance itself.

Microsoft CMMC Acceleration Program

#CMMC #MicrosoftAzure #CyberSecurity #AzurePolicies #CloudSecurity