Check out the Microsoft Learn cybersecurity collection: Designing your organization’s security.
Cybersecurity has become an increasingly top-of-mind concern for industries all over the world. From the highest tiers of government to small businesses, addressing cybersecurity threats has taken on new urgency in the face of sophisticated hackers and escalating international tensions. Additionally, millions of customers routinely shop online and conduct other forms of digital business that put them at risk for cybersecurity attacks.
If your organization is worried about how to address cybersecurity concerns, it's not alone. As a Senior Program Manager at Microsoft, it’s a topic that is often top-of-mind for me. In fact, the U.S. White House hosted a summit dedicated solely to this issue in August 2021. President Joe Biden invited representatives from Microsoft, Apple, Amazon, and other major technological, financial, and insurance companies to attend a summit tasked with addressing the following threat:
“Recent high-profile cybersecurity incidents demonstrate that both U.S. public and private sector entities increasingly face sophisticated malicious cyber activity. Cybersecurity threats and incidents affect businesses of all sizes, small towns and cities in every corner of the country, and the pocketbooks of middle-class families. Compounding the challenge, nearly half a million public and private cybersecurity jobs remain unfilled.”
As a result of the summit, Microsoft committed to investing $20 billion over a five-year period to deliver advanced security solutions that more easily integrate into all its product offerings.
In support of this initiative, Business Program Manager Ankul Bhardwaj and Microsoft Cloud Solution Architect Sudhakar Ethirajulu curated a collection on Microsoft Learn titled “Designing your organization’s security.” Geared specifically towards Microsoft Learn users interested in shoring up their organization’s cybersecurity efforts (and their individual skillsets related to cybersecurity), this collection consolidates key concepts, learning paths, and technical solutions into a roadmap for combating cyber threats large and small.
Featured modules focus on Microsoft 365 Defender, Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud (which consolidates two earlier Microsoft products, Azure Security Center and Azure Defender). Microsoft Sentinel and Defender for Cloud Apps content is also included for learners that want to dig a little deeper into their organization’s specific security concerns.
All security-related content on Microsoft Learn (and featured in this collection) builds off the Zero Trust model principles of explicit verification, least privilege access, and assumptions of breach.
Addressing the skills gap in international cybersecurity
Microsoft has recently spearheaded significant investments in preparing future experts for the modern workforce. In May 2021, the Biden Administration released an Executive Order on Improving the Nation’s Cybersecurity and set the stage for the White House Summit a few months later. In support of this order, Microsoft pledged additional training resources for government civilian agencies to help in the implementation of a Zero Trust model within their organizations.
However, this initiative preluded a far more serious problem facing the United States and countries around the world. Earlier in March, studies predicted that 3.5 million cybersecurity jobs would open internationally by 2025. These findings reaffirm the growing cybersecurity skills crisis, an issue that leaves every one of three cybersecurity jobs in the United States vacant.
The Microsoft Learn platform has been a key part of a broader strategy to bring cybersecurity skills and knowledge to learners all over the globe. The Microsoft Learn for Educators program offers training, teaching tools, and curriculum to higher education faculty and staff free of charge. This program is particularly geared towards community colleges, campuses with high levels of largely untapped developer talent that can be important in addressing this international shortage of cybersecurity experts.
Similarly, Microsoft Learn contains hundreds of hours of free content for all interested learners – students or otherwise. Tapping into this resource can help individuals and organizations skill up in cybersecurity technologies and implement methodologies and programs that can shore up a safer future. This collection of curated Microsoft Learn content is designed to give users a starting point in knowing how to best adopt and adapt this material for their needs.
Incorporating lessons from the White House cybersecurity summit
After reading the White House’s finding that nearly half a million cybersecurity jobs remain unfilled on a national level, I was both surprised and concerned. I had a single question continue to run through my mind: how could Learn better help existing IT talent skill up in cybersecurity and address pressing organizational needs right now?
The short-term answer I came up with was to curate the best and most relevant Microsoft Learn security and cyber defense content into a one-stop-shop for users. This is where recruiting the support of highly technical and skilled security experts at Microsoft became critical in identifying the right material to put in front of users wanting to further their cybersecurity knowledge.
Bhardwaj, with his passion and expertise for architecting Azure services and deploying them securely, was particularly excited to join the team. With his extensive background in cybersecurity and infrastructure, he believes that “this domain is due for immense growth and opportunity at a global level due to the current economic climate and political threats."
I couldn’t have agreed more.
Using Microsoft Learn to skill up in cybersecurity
This Microsoft Learn collection is meant for a variety of IT and hybrid roles within the security space. Bhardwaj suggests that all interested learners begin with the Overview section and its explanation of how Azure and Microsoft 365 create secure environments throughout all layers of an organization. The Best Practices included at the end of the collection were designed with industry-leading recommendations and strategies in mind to help defend against ransomware and recover from systemic identity compromise.
The following sections within the collection are targeted to specific security pillars. Although learners are certainly encouraged to look through all the listed modules and resources, it isn’t necessary for those interested in a certain facet of the security landscape (or in a hurry to get the information they need).
Whether you’re interested in identity, network, platform, data, monitoring, or email solutions, Microsoft Learn offers pathways into each area. For individuals wanting to brush up on existing skills or learn new ones, this collection is useful as a guidepost for understanding security basics and redirecting to additional content.
Similarly, organizations can divide and conquer the contents of this collection as an IT or managerial team. For employees in the email security space, the email section put together in this collection is a great place to start. For network experts wanting to learn the latest and greatest technological recommendations for shoring up defenses, the corresponding collection section can provide much needed guidance.
Designing security strategies with Microsoft Azure and Microsoft 365 Defender
Microsoft Learn specializes in Microsoft Azure and Microsoft 365 Defender security content for learners to explore. Both technologies provide tools that can help you and your organization create a secure environment across your institutional architecture.
For example, the Microsoft Azure Well-Architected Framework module helps users balance cost optimization and operational excellence with performance efficiency, reliability, and overall security. Time and financial investments in security efforts don’t come cheap, and Microsoft Learn provides options and recommendations for organizations trying to take the needs of all stakeholders into account.
Also, Microsoft Azure modules instruct learners on using a defense-in-depth approach to secure their workplaces on multiple layers, a strategy that simultaneously increases security posture. This over-encompassing methodology takes each infrastructural layer vulnerable to a cybersecurity attack individually and incorporates specific security controls and technologies. This granular approach results in a stronger security system that has built-in defenses within multiple parts of the organization.
Microsoft Defender is another great solution for identifying, assessing, and remediating cybersecurity attacks across organizations. Microsoft Learn paths in this collection feature strategies for better protecting security perimeters, assets, data, apps, and users. The collection also offers practical information about integrating Microsoft 365 Defender and other Microsoft Defender products across your security architecture.
Further your cybersecurity knowledge with certification
Cybersecurity attacks are, unfortunately, not a problem likely to go away anytime soon. Microsoft Learn aims to help teams and individuals all over the world upgrade their security efforts and make their workplaces a safer space for customers and employees alike.
Along with other great security-related content on Microsoft Learn, this collection aims to help close the gap between the White House’s identified need for cybersecurity IT experts and a highly skilled technical labor force. As Bhardwaj puts it, “the collection is designed to help IT professionals to design and deploy relevant services within their environment using the Microsoft Best Practices to secure the end.”
To learn more about how you or your organization can skill up in cybersecurity, check out some of the many available certifications and exams available on Microsoft Learn. The gap in cybersecurity professionals needs to start being addressed now – and partnering with Microsoft Learn is one way to make demonstrable progress towards alleviating it.
Key resources:
- Check out the White House Summit-inspired security collection
- Explore learning paths related to security
- Complete security-specific certifications and exams