Abbas Kudrati is the Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group and is Tom Fox’s second guest on Microsoft Week. Abbas has spent the duration of his career providing thought leadership, strategic direction, and deep customer and partner engagement through Microsoft’s initiatives and operations. On this episode, he and Tom are talking about a range of topics surrounding info security and Abbas’ role at Microsoft.
The Evolution of Cybersecurity & Its Challenges
When security was first introduced, it was called IT Security, and its primary focus was securing everything within a network behind a firewall. Society has since moved from a firewall to the cloud. The focus on complaints within an organization has also shifted from local to multinational.
End-to-end security’s focus is people, process, and technology. Abbas says that focusing on end-to-end security means turning your attention to 14 different domains of policy. It means ensuring that the right people are on your teams and managing the security surrounding that. It means managing data access, business communication security, product security, and supply relationship security.
Risk Appetite & Risk Management
“You cannot implement security without having conducted a detailed risk assessment and understanding what is your current risk appetite,” Abbas tells Tom. When starting the risk management process, Abbas stresses the importance of having a threat model. “Define what are the various threats, and then embed those threats into your risk management,” he emphasizes.
In the near future, the citizens of the emerging South Asian economy will be using the internet much more, and that there will be higher demand for cybersecurity professionals. The demand will be impossible to meet, so there will be more automation. Tom asks him to elaborate on what’s next for Microsoft’s cybersecurity group. Abbas explains that the group is continuously improving its product to be more inclusive, and also that security and privacy are being built into their products by design and not an afterthought.
Listen here to Microsoft Week episode 1, featuring Alan Gibson, Director of Legal and Compliance Innovation.
Tune in tomorrow for episode 3 featuring Joseph Davis.
Abbas Kudrati book, Threat Hunting in the Cloud