The decision on whether to implement the Microsoft Security offerings available with the Microsoft 365 E5 license certainly involves deep security discussions, but it's also a business decision. In that respect, this process allows security leaders to engage with their CFO and other business leaders to elevate conversations. That is one of the takeaways from a Trustwave webinar, "CISO Debrief: Lessons Learned Migrating to E5," with Trustwave CISO Kory Daniels and VP of Global Solution Architecture and Engineering Jesse Emerson. The pair also discussed how Microsoft E5 changes the age-old "best of breed" strategy that many companies have adopted, as well as how Trustwave's own security requirements and its longstanding partnership with Microsoft helped shape the company's new Microsoft-focused offerings. Trustwave's journey to adopting E5 and Microsoft Security began with a discussion led by the IT organization that should sound familiar to most organizations. The company was already using Teams, Active Directory, and more. Then, the team contemplating the situation started to evaluate what was available in the E5 license vs. E3 or add-ons to E3. That evaluation opened up an opportunity for new relationships to elevate the conversation from security to more of a business conversation around both a new technology perspective around security while at the same time reducing overall tech spending, Daniels said. Additionally, he argued the move would reduce the burden and overhead for the CFO, procurement, accounts payable, and other groups with respect to managing various relationships with individual security vendors that Microsoft Security offerings could replace. "Ultimately [we were] looking at a reduction of risk, but also how to maximize the efficiency of all personnel, not just cyber security," Daniels said. That efficiency includes the unified experience the Microsoft offerings bring, which "takes a load off" the security team from an operational perspective but also makes life easier for the company's entire user base, Emerson said. Another factor in the decision to go with E5 and Microsoft Security was the changing nature of Trustwave's long-held "best of breed" mentality when it came to choosing security tools for its own use. Over time, solutions like cloud access security brokers, endpoint detection and response (EDR), security information and event management (SIEM) systems have "started to cross-pollinate over features and capabilities," Daniels said. "The way we look at the combination of maximizing tech capabilities and developing an ecosystem or cyber workbench to grow from has really steered us to Microsoft in terms of how we look at reducing overlapping technologies," he said. Fundamentally, in his job as CISO of a security company, Daniels said he tries to move the needle on the challenges facing any cybersecurity organization. "We're looking to address the skills gap challenge, burnout, scalability, how to make sense of exploding digital estate," he said, all while mindful that end users and the business, in general, are becoming more tech-savvy. Part of that work entails looking at the way Trustwave consumes the same services it brings to market, including Managed Detection and Response (MDR). That analysis led directly to the new capabilities Trustwave recently announced regarding Microsoft Security products. They include new "Accelerators" to help customers quickly implement and get value from Microsoft Defender XDR, Sentinel, and Copilot for Security. "This technology is iterating monthly in terms of new features, functions, and capabilities," Daniels said. "It's very hard for the industry to keep up with the speed of innovation." It can likewise be difficult to keep up with the alerts Microsoft Sentinel and Defender XDR Suite generate, as well. That led to the development of the Trustwave Managed Extended Detection and Response (MXDR) for Microsoft offering, an MDR service designed specifically for those Microsoft security tools. What's most impressive about the Microsoft Security products in E5 "is the joy it gives my cyber team," Daniels said. It helps improve productivity for everyone, from the director of cyber defense to the director of governance, risk, and compliance (GRC), who can now use Microsoft Purview to easily prepare for annual auditor meetings. "That allows our GRC leader to repurpose a lot of his energy for how to look at ongoing posture analysis for SOC 2 reporting, PCI, ISO 27000, or NIST framework," he said. "It gives leaders time back to be a superpower in the way they operate and run their business." These were just a few topics discussed in the "CISO Debrief" webinar. To learn more, including about the role of artificial intelligence in cyber security and who should head up an E5 adoption effort, click here to register to view a replay of the webinar.Why E5 is Fundamentally a Business Conversation
Microsoft is Changing the "Best of Breed" Discussion
Evolution of Microsoft-Focused Security Offerings
Time to be a Superpower
The cybersecurity threat landscape is constantly evolving, requiring organizations to regularly evaluate their security stack to ensure it not only offers the highest level of protection, but is...
Few repositories of cybersecurity knowledge are as broad, deep, and widely respected as Trustwave Security Colony. The industry analyst firm IDC has praised Security Colony, which sees clients and...