ISACA Greater Cincinnati Chapter - Spring Seminar 2020

The Greater Cincinnati ISACA Chapter is proud to present a virtual three-day, 16 CPE seminar by Robert Brzezinski CISA, CISM, CHPS, M365 Sec Admin on "Auditing and improving Microsoft 365 and Azure Cloud Security,” on May 18-20, 2020.

Course Focus:       

Auditing Microsoft 365 and Azure Cloud Security tools

This is a three-day workshop for auditors and security teams responsible for security and compliance of their Microsoft 365 and Azure Active Directory (AzureAD) environments. This course will provide students with knowledge and practical skills to audit Microsoft 365 (M365) tenants, and to improve security of Microsoft 365 configuration and monitoring capabilities. This course is designed with real world scenarios in mind to provide practical, effective approaches for asking and answering compliance questions, reviewing M365 before and auditing M365 after solution adoption; to present practitioner approach to continuous audit, monitoring, and creating additional security and compliance visibility. At the end of the course student will be able to effectively audit Microsoft 365 configuration and organization compliance, understand and improve security of the environment, and implement basic continuous audit and monitoring of the organization Microsoft 365 tenant

You will also delve deeper into M365 functionalities with additional time on labs using demo to review/show e.g. DLP configuration, detail device management (Intune) policies and configuration profiles, AzureAD policies, Azure Security tools and audit approaches, steps etc. – more insights, more Azure tools....

 What You Will Learn: 

• Develop practical audit plan for Microsoft 365 environment
• Develop practical risk management plans/strategies to manage and improve Microsoft 365 security and compliance
• Answer questions and describe how Microsoft 365 complies with various regulatory frameworks and data protection standards
• Assure proper basic Microsoft 365 configuration before solution adoption and email migration
• Audit Microsoft 365 configuration after adoption (email migration) using graphical user interface (GUI) – Azure Active Directory (AzureAD), Security & Compliance center (e.g. DLP, Anti-phishing, anti-malware policies, alerts), Cloud App Security (shadow IT discovery), Microsoft 365 Admin center, Exchange, SharePoint, Teams, Intune
• Audit specific Microsoft 365 elements that require use of PowerShell
• Understand and use Security & Compliance Center for continuous audit / monitoring
• Understand Microsoft Defender Security ATP Center (MDATP) role and capabilities in protecting the organization
• Understand how Azure security tools can enhance organization security and compliance, by integrating data from multiple computing platforms and environments
• Understand how Microsoft 365 cybersecurity strategy works and protects users, devices and data in identity-based protection model

Who Should Attend  IT professional, Managers, System Administrators, Cybersecurity Teams and Auditors responsible for managing, securing and auditing Microsoft 365 environments (tenants).

Instructor:  Robert Brzezinski MBA, CHPS, CISA, CISM, M365 Sec Admin, Azure Sec Eng

Robert focuses on cloud productivity and cybersecurity technologies. As a certified Microsoft 365 Security Administrator and Azure Security Engineer, he specializes in Microsoft Cloud technologies like Microsoft 365 (including Office 365) and Azure security tools. He helps organizations’ understand, and take full advantage of Microsoft security architecture to effectively and efficiently protect their organizations and users; to streamline and automate IT operations, integrate security across different environments (on-prem, Azure and other clouds e.g. AWS etc.); improve and de-duplicate security, compliance and auditing efforts, and put better cybersecurity, compliance and IT strategy in place. Robert also provides subject matter expertise for information privacy, security and regulatory compliance (e.g. HIPAA) for small and medium size organizations. In addition to Fractional CIO/CISO services, Robert creates comprehensive risk assessments, implements risk management plans and Cloud focused IT/cybersecurity strategies to manage organization's risk exposure more effectively.

Register Now!