Summit Great Happened: Key moments from the Microsoft Identity, Security, and Compliance Summit

The UK’s foremost identity, security, and compliance summit returned for its 15^th year this October, 2022. There was a palpable sense of excitement for us, as it was the first time hosting it in-person since 2019.

We weren’t alone in our excitement. Over 150 delegates joined us from the worlds of education, housing, finance, law, and other regulated services – making this our most attended face to face summit event ever.

Here are some of the highlights and key takeaways from the event.

Shining a light on key challenges and the latest Microsoft developments

The summit was an opportunity to meet, network, and absorb the world-class expertise on offer from some of the leading figures in our industry.

Throughout the Summit, delegates were able to access presentations and gain insight into some of the major topics and trends dominating identity and security.

Over the two fully packed days, delegates were treated to:

• Nine keynote speeches
• Three client success stories
• 19 in-depth workshops

These included eye-opening information around compliance, data, and device security in an era of ever-growing risk.

They also provided a deep dive into the latest identity developments within Microsoft Entra – including updates to detection, protection, and responses against cyber attacks with XDR and SIEM solutions such as Microsoft Sentinel.

Cyber insights from Microsoft’s Chief Security Advisor

It was a great privilege to be able to open the Summit with a keynote speech from Microsoft’s Chief Security Advisor, Sarah Armstrong-Smith.

One of the UK’s most influential people currently working in cyber security, Sarah was able to share some extraordinary updates on current global trends. These included:

• The surge in destructive malware
• The evolving and costly risks attached to ransomware
• How attackers are luring victims through social engineering
• The role of cyber activity in global events e.g., the war in Ukraine

Sarah also touched on five evolving paradigm shifts and Microsoft’s continuing work to support cyber resilience, offering key takeaways on:

• Increased digital empathy
• Why zero trust is essential
• The importance of diversity in data and intelligence
• Why cyber resilience underpins an organisation’s overall resilience
• Why integrated security matters

Watch Sarah’s full speech in our on-demand Summit recording now.

Password vulnerability and the need for greater MFA uptake

Sarah also noted that, while passwords are an area of elevated risk, only 26% of organisations have adopted MFA.

It was a theme that would be returned to throughout the Summit, focusing not only on the need for its adoption (you’re 27 times more vulnerable without it!) but also on the way it’s deployed.

With the increase of MFA spamming attacks, for instance, the need to be smarter in the way organisations issue an MFA challenge is becoming more important. Something that delegates had the chance to delve deeper into at various workshops.

To paraphrase our very own technology evangelist and keynote speaker, David Guest, “…not all MFA is created equal.”

Solving the compliance conundrum

The Summit presented an opportunity for delegates to explore the changing security landscape and the solutions available to help compliance issues.

It’s another huge issue confronting organisations, with an increase in breach incidents, ever tighter regulation, and a growing sense of vulnerability to ‘insider threats’.

There was a lot of interest in Microsoft’s compliance suite, and how it can create a secure and compliant environment using tools such as:

• Microsoft Purview
• Insider Risk Management
• Multi-Cloud & Hybrid-Cloud Security
• Microsoft Sentinel
• Microsoft 365 Defender

Microsoft Entra explained

The Summit provided the perfect platform for delegates to learn more about Microsoft Entra, the new product family name for Microsoft’s identity and access products.

It was an immense pleasure to invite Rohit Gulati, Principle Product Manager in Microsoft Identity Engineering, to provide some key insight into what it is and, crucially, what it isn’t.

For instance, Microsoft Entra is NOT a replacement or rebrand of Azure Active Directory (Azure AD), which remains a fundamental part of Microsoft’s secure access offering.

Entra includes:

• Azure AD
• Permissions Management
• Verified ID

Watch Rohit’s full speech in our on-demand summit recording now.

Identity and access remain at the core of security

There was an overriding theme to the event around the critical importance of identity protection. Get this wrong and the rest of your security ecosystem is likely to fail.

Many delegates were keen to learn more about cloud governance, external identity management, and zero trust identity principles.

Thankfully, we had some of the industry’s leading experts on hand to share their invaluable knowledge.

Of course, there was still time for some fun

After nearly three years of COVID restrictions that saw our 2020 and 2021 summits migrating to the virtual arena, it was wonderful to be able to meet and enjoy some face-to-face engagement once more.

We couldn’t really hold an in-person event without a bit of fun thrown into the mix.

That came courtesy of a trip to Spinners in the heart of Reading. There was a chance to enjoy some food and drink, have a laugh, and let the more competitive elements battle it out over darts, bowling, and mini golf.

Knowledge, networking, and a chance to meet with friends and colleagues. This was the Microsoft Identity, Security, and Compliance Summit 2022.

We’re already excited to top it in 2023.

Next steps