Today Active Directory Security is mission-critical to organizational security worldwide and thus mission-critical to Cyber Security worldwide. On this blog, former Microsoft Program Manager for Active Directory Security, and today, CEO of Paramount Defenses, shares valuable technical insights on Active Directory Security.

Monday, November 5, 2018

It is TIME to Help Microsoft AND Thousands of Organizations Worldwide Better Understand Active Directory Security


As former Microsoft Program Manager for Active Directory Security, and today as the CEO of Paramount Defenses, I feel that it is time to help the $800 Billion Microsoft, and 1000s of organizations worldwide better understand Active Directory Security.

Here's why - Over the last few years, 1000s of organizations from across over 150 countries worldwide have requested our assistance (completely unsolicited), so we know about the various challenges that most organizations have to deal with, and based on what we're seeing across the globe, the state of foundational cyber security worldwide seems to be worrisome.

Incidentally, a large majority of these organizations do have several piece-meal cyber security controls such as Active Directory Auditing, Advanced Threat Analytics, Two-Factor Authentication, Privileged Session Managers, Password Vaults, Zero-Trust Security, Privileged Access Management (PAM) etc., yet their Active Directory deployments are still likely vastly vulnerable.

I'll say only this much - TODAY Microsoft Active Directory is at the foundation of cyber security and privileged access at over 85% of all business and government organizations worldwide, AND the current state of awareness and (the substantially inadequate level of) protection afforded to these foundational Active Directory deployments is concerning enough that it warrants the attention of all stakeholders, including executive and IT leadership, customers and investors, worldwide.

Thus, in weeks to come, we may reach out to the Executive Management of organizations worldwide to make them aware.

In addition, to help educate Microsoft AND the world, starting next Monday, Nov 12, 2018, I'll be penning the following -

  1. Active Directory Security For Everyone - Why is Active Directory Security Paramount to Organizational Cyber Security?

  2. Active Directory Security For Novices and Enthusiasts - A Closer Look at Active Directory's Security Model etc.

  3. Active Directory Security for IT Admins and Security Auditors - An Overview of Active Directory Security Permissions

  4. The World's Most Important Active Directory Need and Security Capability - Active Directory ___ ___

  5. For Self-Proclaimed Active Directory Security Experts - Why Analyzing Active Directory Security Permissions is Useless

  6. For IT Managers and CISOs - The Billion $ Difference Between Active Directory Auditing and Active Directory Audit

  7. For all Organizations - What Happens When an Organization Deploys a Cheap Auditing Solution Built Overseas?

  8. For Microsoft, Domain Admins and CISOs Worldwide - What Constitutes a Privileged User in Active Directory?

  9. For the CyberArks of the World - How to Correctly Identify/Audit Privileged Access/Users in Active Directory?

  10. For All Audit Organizations Worldwide - Are You Sure Your Auditors Know How to Correctly Audit Active Directory?

  11. To All Cloud & Cyber Security Companies Worldwide - Isn't Active Directory at the Very Foundation of Your Security Too?

Finally, for C*Os worldwide, I penned this today - Cyber Security 101 for the C-Suite - Active Directory Security is Paramount.

Ideally, Microsoft should be doing this (i.e. helping adequately educate their customers worldwide), but it appears that these days all they seem to care about is that new fad called "The Cloud", so we're left with no choice but to do this for the world.

Very well then, onward to Nov 12, 2018, right here.


No comments:

Post a Comment