Long description | This workshop is an opportunity to receive deeper visibility on potential vulnerability to rapid cyberattacks. You may have already been the victim of an attack; or maybe you are unsure about your status of defensive measures, or would like to obtain a risk assessment related to rapid cyberattacks. |
Active | 1 |
Ask an expert
Our objective is to help customers in identifying potential cybersecurity risks and gain knowledge about technologies that can help mitigate those risks.
IT Partner responsibilities #
- Understand the customer's status vs cyberattacks. Help customer to identify elements in their IT environment that might make it prone to rapidly spreading and potentially destructive cyberattacks (e.g., ransomware attacks).
- Cyberattacks Technical Security readiness. Provide guidance, recommendations, and best practices on how to successfully use Microsoft technologies to mitigate security threats that are associated with rapid cyberattacks.
- Create a rapid cyberattack road map. Provide prioritized and actionable road map for the customer containing proposed actions based on discovered gaps, considering user impact and implementation cost.
- Map Microsoft technology capabilities and partner services to assessment findings, taking into account customer's objectives and requirements.
Client responsibilities #
- Information: This includes accurate, timely (within three business days or as mutually agreed upon), and complete information.
- Access to people. This includes access to knowledgeable customer personnel, including business user representatives, and access to funding (if additional budget is needed to deliver project scope).
- Infrastructure (machine) to install and run RCA tool (dedicated machine on which RCA tool will be installed and from which it will be run).
Plan #
Week One -- Kickoff
- Kickoff meeting
- Introduction to the engagement: objectives, flow, responsibilities, and governance
- Provide and explain preassessment questionnaire to the customer
- Explain RCA tool to the customer and provide "How to use RCA tool" document
Weeks One and Two (Assess)
- Complete/return questionnaire and install/run RCA tool
- Ensure availability of necessary resources
- Review RCA tool results
- Begin road map planning
- Finalize preparations for on-site
- Second preparation call
- Confirmation on the completeness of the questionnaire or RCA tool output
- Confirm attendance and dates for the on-site meeting
Week Three
- Day 1 -- whole-day on-site workshop
- Definition of rapid cyberattacks
- Review, explain, and discuss questionnaire and tool findings
- Identify opportunities to leverage already deployed entitlements
- Perform gap analysis
- Finalize road map
Week Three -- Day 2 (Enable)
- Day 2 -- whole-day on-site workshop
- Road map delivery workshop
- Solution(s) briefing and Technical Readiness presentations
- Engagement close-out
Example Schedule #
Day One
[Workshop]{lang="EN-GB" style="font-size:10.0pt;line-height:107%"}
[Description]{style="font-size:10.0pt;line-height:107%"}
[Outcome]{style="font-size:10.0pt;line-height:107%"}
[Customer attendees]{style="font-size:10.0pt;line-height:107%"}
[Time]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[ ]{style="font-size:10.0pt;line-height:107%"}
[On-site Engagement Overview]{style="font-size:10.0pt;line-height:107%"}
[Provides an overview of the on-site agenda, flow and goals as well as an opportunity to cover Q&A and project governance.]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Agreed plan and schedule for the on-site assessment.]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[All project team]{style="font-size:10.0pt;line-height:107%"}
[60 minutes]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[ ]{style="font-size:10.0pt;line-height:107%"}
[Rapid Cyberattack Overview Presentation]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Definition of the rapid cyberattacks (what they are, impact they could have, fact that they are getting increasingly sophisticated)]{style="font-size:10.0pt;line-height:107%"}
[How to protect against cyberattacks? ]{style="font-size:10.0pt;line-height:107%"}
[Mitigation strategies.]{style="font-size:10.0pt;line-height:107%"}
[Sets the stage and provides a overview of topics related to Rapid Cyberattacks.]{style="font-size:10.0pt;line-height:107%"}
[Security Architect]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}[s]{style="font-size:10.0pt;line-height:107%"}
[Security Engineers]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Active Directory and/or other relevant IT administrators]{style="font-size:10.0pt;line-height:107%"}
[60 minutes]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[ ]{style="font-size:10.0pt;line-height:107%"}
[Lunch]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[60 minutes]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Review Questionnaire and output from the Rapid Cyberattack Assessment Tool]{style="font-size:10.0pt;line-height:107%"}
[Review the questionnaire and output from the RCA tool:]{style="font-size:10.0pt;line-height:107%"}
[•[ ]{style="font:7.0pt "Times New Roman""}]{style="font-size:10.0pt;line-height:107%;font-family:"Arial",sans-serif"}[Discuss findings related to the Questionnaire]{style="font-size:10.0pt;line-height:107%"}
[•[ ]{style="font:7.0pt "Times New Roman""}]{style="font-size:10.0pt;line-height:107%;font-family:"Arial",sans-serif"}[Discuss findings related to the assessed machines]{style="font-size:10.0pt;line-height:107%"}
[•[ ]{style="font:7.0pt "Times New Roman""}]{style="font-size:10.0pt;line-height:107%;font-family:"Arial",sans-serif"}[Identify existing implementations that are not covered by Questionnaire (Rapid Cyberattack relevant)]{lang="EN-GB" style="font-size:10.0pt;line-height:107%"}
[•[ ]{style="font:7.0pt "Times New Roman""}]{style="font-size:10.0pt;line-height:107%;font-family:"Arial",sans-serif"}[Do a gap analysis]{style="font-size:10.0pt;line-height:107%"}
[•[ ]{style="font:7.0pt "Times New Roman""}]{style="font-size:10.0pt;line-height:107%;font-family:"Arial",sans-serif"}[Get the customer priorities]{style="font-size:10.0pt;line-height:107%"}
[•[ ]{style="font:7.0pt "Times New Roman""}]{style="font-size:10.0pt;line-height:107%;font-family:"Arial",sans-serif"}[Open conversation around relevant topics]{style="font-size:10.0pt;line-height:107%"}
[Prioritized list of identified gaps and customer security requirements.]{style="font-size:10.0pt;line-height:107%"}
[Security Architect]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}[s]{style="font-size:10.0pt;line-height:107%"}
[Security Engineers]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Active Directory and/or other relevant IT administrators]{style="font-size:10.0pt;line-height:107%"}
[120 minutes]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Finalize Rapid Cyberattack R]{style="font-size:10.0pt;line-height:107%"}[roadmap]{lang="PL" style="font-size:10.0pt;line-height: 107%"}
[Finalization of prioritized and actionable roadmap for the customer with proposed actions, considering user impact and implementation cost]{style="font-size:10.0pt;line-height:107%"}
[Rapid Cyberattack R]{style="font-size:10.0pt;line-height:107%"}[roadmap]{lang="PL" style="font-size:10.0pt;line-height:107%"}
[None.]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}[ ]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[180]{lang="PL" style="font-size:10.0pt;line-height:107%"}[ minutes]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
Day Two
[Workshop]{lang="EN-GB" style="font-size:10.0pt;line-height:107%"}
[Description]{style="font-size:10.0pt;line-height:107%"}
[Outcome]{style="font-size:10.0pt;line-height:107%"}
[Customer attendees]{style="font-size:10.0pt;line-height:107%"}
[Time]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[ ]{style="font-size:10.0pt;line-height:107%"}
[Day 1 Briefing & Recap]{style="font-size:10.0pt;line-height:107%"}
[Provides briefing of Day 1, an overview of the Day 2 agenda and goals as well as an opportunity to cover Q&A.]{style="font-size:10.0pt;line-height:107%"}
[Agreed plan for the Day 2.]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[All project team]{style="font-size:10.0pt;line-height:107%"}
[30]{lang="PL" style="font-size:10.0pt;line-height:107%"}[ minutes]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[ ]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Rapid Cyberattack Roadmap Workshop]{style="font-size:10.0pt;line-height:107%"}
[Workshop to outline suggested roadmap with proposed next actions based on identified gaps and priorities.]{style="font-size:10.0pt;line-height:107%"}
[Get the customer view and adjust.]{style="font-size:10.0pt;line-height:107%"}
[[NOTE]{.caps}: the engagement follow-up & next steps will be presented at Close-out before leaving.]{style="font-size:9.0pt;line-height:107%"}
[Mutual understanding and agreement on the content of Rapid Cyberattack Roadmap]{style="font-size:10.0pt;line-height:107%"}[.]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[All project team]{style="font-size:10.0pt;line-height:107%"}
[90]{lang="PL" style="font-size:10.0pt;line-height:107%"}[ minutes]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[ ]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Technical Readiness
or Partner Services Presentation -- slot 1]{lang="DE-AT"
style="font-size:10.0pt;line-height:107%"}
[Open time slots to be used to present recommended Microsoft solutions/technologies ]{style="font-size:10.0pt;line-height:107%"}[(based on PU v2 content)]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}[ or relevant partner services.]{style="font-size:10.0pt;line-height:107%"}
[[NOTE]{.caps}: sessions selected based on answers from Questionnaire and Roadmap content]{style="font-size:9.0pt;line-height:107%"}
[Customer's understanding of selected Microsoft solution/technology and its fit into proposed Rapid Cyberattack Roadmap]{style="font-size:10.0pt;line-height:107%"}[.]{lang="DE-AT" style="font-size: 10.0pt;line-height:107%"}
[Security Architect]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}[s]{style="font-size:10.0pt;line-height:107%"}
[Security Engineers]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Active Directory and/or other relevant IT administrators]{style="font-size:10.0pt;line-height:107%"}
[90]{lang="PL" style="font-size:10.0pt;line-height:107%"}[ minutes]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Lunch]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[60 minutes]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Technical Readiness
or Partner Services Presentation -- slot 2]{lang="DE-AT"
style="font-size:10.0pt;line-height:107%"}
[Same as above.]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Same as above.]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Same as above.]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[90]{lang="PL" style="font-size:10.0pt;line-height:107%"}[ minutes]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[ ]{style="font-size:10.0pt;line-height:107%"}
[Technical Readiness
or Partner Services Presentation -- slot 3]{lang="DE-AT"
style="font-size:10.0pt;line-height:107%"}
[Same as above.]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Same as above.]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Same as above.]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[90 minutes]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[ ]{style="font-size:10.0pt;line-height:107%"}
[Close-out and Next steps]{style="font-size:10.0pt;line-height:107%"}
[Summary ]{style="font-size:10.0pt;line-height:107%"}[and discussion of next steps]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[Provide an engagement summary and clear steps with tangible outcomes.]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[All project team]{style="font-size:10.0pt;line-height:107%"}
[30 minutes]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
[ ]{lang="DE-AT" style="font-size:10.0pt;line-height:107%"}
Results #
- Kickoff presentation. Overview of the engagement, covering vision and objectives, requirements, and next steps and actions
- A questionnaire about the organization and its approach to exploit mitigation and attack surface reduction, ways of securing privileged access and providing business continuity to mitigate effects of potential cyberattacks, etc.
- Rapid cyberattack assessment tool reports. A set of reports documenting findings of the RCA tool -- reviewed and discussed by the partner in the workshop
- Rapid cyberattack road map. Actionable road map for addressing discovered gaps, including mapping capabilities of Microsoft technologies and Partner services to assessment findings, taking into account customer's objectives and requirements