Speaking in front of 5300 attendees at the sold-out Microsoft Management Summit (MMS) here at the Venetian in Las Vegas and getting again very feedback, makes me thank God and everyone who spend time to share their thoughts.
Microsoft Corporate Vice President Brad Anderson and I recommended similar things 🙂 ” In his keynote, Anderson said, “Cloud computing gives IT professionals an opportunity to increase their strategic value to their businesses while building new skills “. In my session, I recommend the attendees similar things, like seeing the FUTURE is going to be Virtual and in the Cloud:
This is Las Vegas, usually what happens here has to stay here , but not if you are in a mission like us. We gladly share what we see for the future and we want you to get ready for that before its late FOR YOU and your Organization
Microsoft Management Summit
The Microsoft Management Summit (MMS) brings together the brightest IT professionals from around the world to increase their technical expertise through an intensive week of training led by experts in desktop, device management, datacenter, and cloud technologies.Erdal
Finally, today was the first day of MMS 2012. So now the magic begins 🙂 I used the morning to complete the registration. After the registrion everyone received a conference bag. In the afternoon I followed the following sessions:
- Lab: Implementing Security Compliance Manager for System Center Configuration Manager 2012
- Lab: Advanced Software distribution with System Center Configuration Manager 2012
- Exam Cram: 70-246
- Breakout Session: Troubleshooting Windows 7 Deployments.
Lab: Implementing Security Compliance Manager for System Center Configuration Manager 2012
This was a very short lab about the Security Compliance Manager Solution Accelerator and SCCM 2012. With the SCM Microsoft provides a basis set of rules for different components. With this basic set you can start defining your own set of rules (baseline). During this lab we have done the above actions. Lab: Advanced Software distribution with System Center Configuration Manager 2012
During this lab Wally Mead guided us trough the process of deploying software. This lab covered the following functionality:
- Creating Application Web Catelog
- Assing Primary Devices to User
- Creating Applications
- Deploying Required Application
- Deploying Availabe Application
- Creating a Windows Mobile Application
Exam Cram: 70-246
After the above labs I followed a exam cram session for the 70-246 exam. Durng this session a lot of information was provided what you need to know before you can do the 70-246 exam.
Breakout Session: Troubleshooting Windows 7 Deployments
After that cram session I followed a breakout session about how to troubleshoot Windows 7 deployments. It was all about log files. Not much new information for me.
CISO Insight
Cybersecurity is not a product you buy or a project you complete — it is a continuous operational discipline. Organisations achieving genuine maturity embed security thinking into every business decision, invest in people and processes alongside technology, and build resilience for when preventive controls inevitably fail.
The Evolving Cybersecurity Landscape
The threat landscape continues evolving at a pace challenging even well-resourced teams. AI-powered attacks, supply chain compromises, ransomware-as-a-service, and state-sponsored campaigns create a multi-dimensional environment no single technology addresses. Organisations defending most effectively take a risk-based approach — understanding which assets are critical, which threats most likely, and where investments create greatest impact. For CISOs, translating complexity into actionable strategy requires quantifying cyber risk in business terms, prioritising based on risk reduction, and communicating in language that resonates with non-technical stakeholders.
Building a Defence-in-Depth Strategy
Effective cybersecurity requires layered defences addressing the full attack lifecycle. No single control is sufficient; every control can be bypassed by determined adversaries. The goal is creating enough layers that attackers must overcome multiple independent defences, while ensuring detection and response capabilities contain breaches before catastrophic damage. The most common mistake is treating security as a technology problem. The fundamentals — patch management, access control, security awareness, incident response planning — prevent more breaches than advanced technology.
Frequently Asked Questions
What is the biggest cybersecurity mistake organisations make?
Buying tools without coherent strategy, skipping basic hygiene for advanced solutions, and failing to invest in people and processes. Fundamentals prevent more breaches than advanced technology.
How should CISOs prioritise security investments?
Start with risk assessment identifying critical assets and likely threats. Prioritise highest-risk scenarios. Ensure basic hygiene before advanced capabilities. Use NIST CSF or CIS Controls to structure your programme.
Related reading: Visit our Cyber Resilience Hub or download the CISO Toolkit.