show episodes
 
The HIP Podcast is the premier podcast for cybersecurity pros charged with defending hybrid identity environments. Hosted by 15-time Microsoft MVP and Active Directory security expert, Sean Deuby. Presented by Semperis: the pioneers of identity-driven cyber resilience for the hybrid enterprise.
  continue reading
 
Loading …
show series
 
Following a cyber incident that compromises Entra ID, an inability to recover critical objects and conditional access policies can bring your business recovery to a standstill. In this episode, Sean talks with Tuna Gezer, Senior Product Manager for Semperis Disaster Recovery for Entra Tenant (DRET), about how Entra ID data recovery differs from on-…
  continue reading
 
This week, the HIP Podcast revisits HIP Global 2023! Listen in as our hybrid identity protection experts present lessons learned in the field, helping some of the world’s largest organizations remediate and recover from cyberattacks that targeted Active Directory. Joining Sean in this expert panel: · Benjamin Cauwel, Security-Senior Manager, Accent…
  continue reading
 
Anyone who has dealt with the technological side of a merger or consolidation can tell you: Years of technical debt in Active Directory can turn the process into a real headache. In this episode, Michael Masciulli (Managing Director for Migration Products and Services, Semperis) talks with Sean about the necessary steps to keep Active Directory sec…
  continue reading
 
Cyberattacks against K-12 schools have soared, tripling between 2018 and 2021 and continuing to climb. With many school districts balancing legacy technology, budget restrictions, and limited staff, fighting off cyber threats can be a daunting challenge. This week, Sean speaks with BJ Welsh, Director of Tech Services for the Carrollton-Farmers Bran…
  continue reading
 
“[Attackers] don’t hack in, they log in.” In this episode of the HIP Podcast, Sean talks with Jason Rebholz, Corvus Insurance CISO and host of the TeachMeCyber YouTube channel. Jason and Sean discuss the cyber threat landscape the ins and outs of cyber insurance, including what to do (and what not to do) when applying for and utilizing cyber insura…
  continue reading
 
This episode of the HIP Podcast revisits 2022’s HIP NYC conference, where Sean sits down with Andy Greenberg, award-winning author of Sandworm and Tracers in the Dark. As a senior writing covering security, privacy, information freedom, and hacker culture at WIRED magazine, Andy speaks with Sean and the HIP audience about tracking cyber crime, curr…
  continue reading
 
Who really has access to your applications and critical infrastructure? You’ve probably heard that identity is the new security perimeter. But how far does that perimeter extend? The key is knowing which assets are in Tier 0—the critical control plane that must be secured to protect your organization from cyber threats—and which potential attack pa…
  continue reading
 
Budgets are tight in 2023. Where should CISOs focus their spending to best promote cyber and operational resilience? In this episode of the HIP Podcast, Sean Deuby talks with Semperis CISO Jim Doggett about the importance of focusing on the fundamentals, how to optimize cyber insurance, and how best to determine priorities in tight economic conditi…
  continue reading
 
What are the biggest cybersecurity threats to critical infrastructure? And just what do we mean when we talk about “critical infrastructure,” anyway? In this episode, Sean talks with Jerry Cochran, Deputy CIO, Pacific Northwest National Laboratory and Advisory Council member of the Cloud Security Alliance, about the challenges of maintaining operat…
  continue reading
 
The rapid proliferation of cloud services has opened doors to many advancements in the ways we work. Unfortunately, governance of access to those services has not kept pace. As a result, cyberattackers often have a field day once they gain entry to your hybrid identity environment. In this episode, Sean talks with Garret Grajek, CEO of YouAttest an…
  continue reading
 
Join hybrid identity protection experts as they discuss the importance of disaster recovery planning to maintain operational resilience. Where should you start, what should you prioritize—and how can you help business decision-makers understand the importance of a comprehensive, tested plan? This expert panel—including Guido Grillenmeier (Semperis)…
  continue reading
 
What keeps Alan Sugano, President of ADS Consulting Group, up at night? Business email compromise (“way more lucrative than a ransomware attack”), organizations that aren’t implementing strong and global MFA, poor password management… Tune into this episode to learn how what Alan calls the “critical quad” can help protect you from relentless cybera…
  continue reading
 
In this episode, listen in on the expert panel recorded live at HIP London, the first stop on this year's Hybrid Identity Protection Roadshow in June 2022. At this event, Sean speaks with Simon Hodgkinson (Strategic Advisor, Semperis and former bp CISO), Ria Thomas (Managing Director, Polynia Advisory), and John Craddock (IT Infrastructure and Secu…
  continue reading
 
Do you have a clear picture of your identity security posture—the good and the not-so-great? In this episode of the HIP Podcast, Sean talks with Maarten Goet, Director for Cybersecurity at Wortell, about the importance of starting any ITDR effort with a clear vision of your current strengths and challenges, the benefits and limitations of security …
  continue reading
 
Everyone’s talking about Identity Threat Detection and Response (ITDR) … but what does that mean for people in the IT trenches? In this session, Sean talks with Brian Desmond, Principal at Ravenswood Technology Group, about the various ITDR issues that companies are dealing with today and where the greatest challenges lie for identity pros and orga…
  continue reading
 
Recent reports indicate a decrease in ransomware attacks. Should organizations breathe a sigh of relief—or batten down the hatches? In this episode, Sean talks with Alix Weaver, Solutions Architect at Semperis, about the ways that ransomware gangs are reinventing themselves and changing tactics and why ransomware as a service is gaining traction.…
  continue reading
 
Is cloud security an oxymoron? In this panel session, originally recorded at the inaugural HIP Europe event, Sean Deuby talks with Semperis Chief Technologist Guido Grillenmeier; Jorge de Almeida Pinto, Lead Identity/Security Consultant, IAM Technologies; Tony Redmond, Owner and Principal at Redmond & Associates; and Jan De Clercq, Senior Security …
  continue reading
 
How successful are recent efforts to elevate identity security among enterprises across the United States? IDS Alliance surveyed 500+ security and identity professionals to find out. In this session of the HIP Podcast, Julie Smith, Executive Director of the Identity Defined Security Alliance, speaks with Sean Deuby about the trends revealed in the …
  continue reading
 
Security architectures depend on identity—the “new security boundary.” Yet despite investment in identity and attempts to drive a sustainable identity culture, significant security breaches and friction still exist, given competing priorities and views on value. In this session of the HIP Podcast, Sean revisits his chat with Denis Ontiveros Merlo, …
  continue reading
 
The AADInternals toolkit is a powerful resource for administering and hacking Azure AD. In this episode of the HIP Podcast, Sean talks with Dr. Nestori Syynimaa, AADInternals creator and Sr Principal Security Researcher at Secureworks Counter Threat Unit (CTU). Join them as they discuss how red and blue teams can use the toolkit to explore and impr…
  continue reading
 
Hopefully, your organization has a disaster recovery plan. But do you have a plan for operational resilience? In this HIP Podcast session, Simon Hodgkinson, former CISO at bp and a strategic advisor at Semperis, explains why organizations that focus on operational resilience and disaster recovery are better prepared to weather cyberattacks—and wher…
  continue reading
 
The life-or-death demands of the healthcare industry complicate identity security. The COVID-19 pandemic, increasing popularity of remote care and Internet of Medical Things (IoMT) devices, and proliferation of ransomware attacks have heightened the healthcare industry’s urgent need for strong hybrid identity security strategies. In this session of…
  continue reading
 
In today’s world, attacks are inevitable, and breaches are probable. The temptation to return to normal operations as quickly as possible is real, but there are significant risks if your recovery simply restores the malware of the original breach. This episode of the HIP Podcast provides real-world, actionable guidance on the right way to recover f…
  continue reading
 
What should you tackle first in locking down Active Directory from cyberattacks? In this webinar excerpt, Sean Deuby (Semperis Director of Services) and Brian Desmond (Principal of Ravenswood Technology Group) share tips for five actions you can take now to significantly improve your security posture: 1) implement good identity processes, 2) ensure…
  continue reading
 
Endpoint detection and response (EDR) is quickly evolving into extended detection and response (XDR). That means that identity is moving to the center of your security approach. In this episode, Paul Lanzi, Co-founder and COO at Remediant, discusses the new capabilities available in XDR solutions and how the ability to gain granular control at the …
  continue reading
 
Protection from ransomware often starts with preventing unapproved applications from running on systems. However, the ability to restrict which applications can run is often a difficult process, full of holes and unforeseen vulnerabilities. In this episode of the HIP Podcast, Sean Deuby (Semperis Director of Services) and Alan Sugano, President, AD…
  continue reading
 
When cybercriminals take down your organization, you might have your technical response plan locked and loaded. But who's calling the shots on when to bring the network offline for remediation efforts? Especially in multinational organizations, the decision-making process for cyberattack incident response isn't always clearly defined. Any confusion…
  continue reading
 
What has changed about Active Directory disaster recovery since Gil Kirkpatrick and Guido Grillenmeier—aka the "Masters of Disaster"—first wrote the book on how to recover AD from scratch in "The Definitive Guide to Active Directory Disaster Recovery"? In this session, Sean Deuby leads a discussion with Kirkpatrick and Grillenmeier about the monume…
  continue reading
 
Are your organizations' systems at risk from third-party security breaches? The threat of cyberattacks that enter systems through compromises in third-party software or components has dominated cybersecurity discussions since the SolarWinds attack was uncovered in December 2020. In this session, Sean Deuby discusses third-party security risks with …
  continue reading
 
Is your organization ready to defend against a cyberattack that hits over the holidays? Threat actors love to pounce during the holiday season because organizations often aren't adequately prepared to defend against cyberattacks, with IT staff operating on reduced schedules and less experienced team members stepping in. In this session, Sean talks …
  continue reading
 
In a cloud environment, securing privileged identities and DevOps pipelines with privileged access requires special attention. In this session, Sean Deuby and Gil Kirkpatrick (Semperis Chief Architect) discuss Microsoft's current guidance for securing privileged access in Microsoft Azure with Thomas Naunheim (Cloud Architect at glueckkanja-gab AG).…
  continue reading
 
Shifting to Azure Active Directory means you're done with worrying about backups, right? Not necessarily. As the Azure cloud service provider, Microsoft is responsible for restoring the Azure AD service if an outage occurs. But in the case of a cyber disaster, your resources—users, groups, services, policies—might get wiped out, leaving your organi…
  continue reading
 
In this excerpt from a web seminar, Sean and Michele Crockett (Semperis Senior Director of Product Marketing) dive into the tight link between Exchange Server and Active Directory (and how to guard against attacks like the Hafnium breach), the resurgence of wiper attacks like MeteorExpress that cripple business operations, and the Kaseya attacks th…
  continue reading
 
As most newly minted technology pros gravitate toward the latest and coolest programming languages and projects, serious questions arise about who will maintain those legacy IT systems (including Active Directory implementations) that are still in use by many institutions worldwide. In this session, Sean Deuby talks with Orin Thomas, Microsoft Prin…
  continue reading
 
In this session excerpted from a web seminar, Sean Deuby (Semperis Director of Services) and Michele Crockett (Semperis Senior Director of Product Marketing) discuss two important Microsoft security flaws: the Windows Print Spooler vulnerability called PrintNightmare and the PetitPotam flaw. Sean gives some background on how cybercriminals exploit …
  continue reading
 
Recent cyberattacks (including the SolarWinds breach) have involved gaining entry into on-premises Active Directory and then moving to Azure Active Directory (or vice versa) to infiltrate the environment. Sean chats with Doug Davis (Semperis Senior Product Manager) about the differences in managing security in a hybrid identity environment. Doug sh…
  continue reading
 
Sean talks with Alexander Benoit, CEO of dinext pi-sec, about how Microsoft security offerings have changed with the company's adoption of the extended detection and response (XDR) approach. Benoit, who has a deep understanding of Microsoft infrastructures, breaks down the Microsoft 365 Defender suite and gives his perspective on Microsoft position…
  continue reading
 
How have identity security practices changed in the last year? Semperis Director of Services Sean Deuby chats with Julie Smith, executive director of the Identity Defined Security Alliance (IDSA), about the organization's newly released "2021 Trends in Securing Digital Identities" report. In addition to tracking the increase in managing remote work…
  continue reading
 
What's the worst time to plan for a cyberattack? When you're actively under attack. Sean talks with Ben Cauwel, Senior AD Security Delivery Manager at Accenture France, about putting together a functional, tested incident response plan for before, during, and after a cyberattack. The key is to use the time when the systems are running properly to p…
  continue reading
 
Are passwords really dead? Tune in to this lively conversation among some of the leading luminaries of identity and access management as they debate challenges and solutions of managing access to systems and data in an escalating threat landscape. Moderated by Semperis Chief Architect Gil Kirkpatrick, "The Future of Identity" includes perspectives …
  continue reading
 
Is cloud security an oxymoron? In this panel session, featured in the inaugural HIP Europe 2021, moderators Sean Deuby and Guido Grillenmeier discuss the current state of cloud security with panelists Tony Redmond, Jan de Clercq, and Jorge de Almeida. This lively conversation covers the evolution of enterprise trust in cloud security: Cloud provide…
  continue reading
 
How do we prove who (or what) we are when accessing accounts in the age of multiple cloud services? Passwords are "a nightmare," says John Craddock, longtime Microsoft MVP and IT infrastructure and security analyst with XTSeminars Ltd. Ahead of his HIP Europe Keynote session, Craddock chats with Sean about using Decentralized Identifiers (DIDs) and…
  continue reading
 
What's the difference between on-premises Active Directory and Azure Active Directory? Pretty much everything, particularly when it comes to security. In this week's episode, Sean Deuby and Doug Davis (Semperis Senior Product Manager) welcome John Savill, Microsoft Principal Cloud Solution Architect, for a lively discussion about the critical mind …
  continue reading
 
Tune in as Sean Deuby is joined by Guido Grillenmeier (Semperis Chief Technologist) to discuss the European debut of the award-winning Hybrid Identity Protection conference, a virtual event on June 30 and July 1 that will feature headliners Tony Redmond and John Craddock, as well as Pam Dingle (Microsoft Directory of Identity Services), Jan de Cler…
  continue reading
 
In this episode, Sean is joined by Doug Davis (Semperis Senior Product Manager) and Rod Trent (Microsoft Security Cloud Solution Architect and Global Azure Sentinel SME) for a deep dive on Azure Sentinel, the Microsoft cloud-native security information and event manager (SIEM). Sentinel is used to monitor and analyze a variety of environments: List…
  continue reading
 
Loading …

快速参考指南