A Microsoft 365 security assessment is valuable, however governance aspects identified through and audit are just as important — JML, Ops Support & IR.

Microsoft 365 security failures are often blamed on a missing control, or feature, these matter, but they are rarely the root cause - the lack of governance is!

Microsoft 365 is frequently described as an “ISO 27001–aligned platform”. In isolation, that statement is not incorrect. However...

External sharing is one of Microsoft 365’s greatest strengths — and one of its most misunderstood risks. This article discuses how to reduce your exposure.

The majority of Microsoft 365 compromises exploit well-known, repeatable misconfigurations that have existed quietly for months or years.

Traditional perimeter security assumed that if you protected the network, you protected the organisation. Microsoft 365 has rendered that model obsolete.

Microsoft Secure Score is one of the most widely referenced security metrics in Microsoft 365. It is visible, easy to understand, and often used as shorthand for “how secure” an environment is. That simplicity is precisely the problem. Secure Score can be a useful indicator, but it is frequently misunderstood, over-trusted, and misused — particularly...