Congratulations to Lesley Kipling, Chief Security Advisor at Microsoft for being selected as techUK’s ‘Cloud Security Champion’ for the month of September.
The purpose of techUK’s Cloud Security Champion campaign is to celebrate the work of UK cloud security specialists in helping build a culture of trust and confidence in cloud computing and showcase how they are supporting organisations to adopt, deploy and use cloud services securely. This is also an opportunity to learn from those working in cloud security about the current threat landscape and examples of the strides being made in enhancing security.
A new techUK 'Cloud Security Champion’ will be chosen every month, so if you would like to nominate a friend or colleague to be the next Champion please drop us a line.
Previously lead investigator for Microsoft’s detection and response team (DART), Lesley Kipling has spent more than 16 years responding to our customers’ largest and most impactful cybersecurity incidents. As Chief Security Advisor, she now provides customers, partners and agencies around the globe with deep insights into how and why security incidents happen, how to harden defences and more importantly, how to automate response and contain attacks with the power of the cloud and machine learning. She holds a Master of Science in Forensic Computing from Cranfield University in the United Kingdom.
What are your current responsibilities and what does a typical day involve at Microsoft?
I’m not sure we have any typical days 😊 As a Chief Security Advisor, my role is really talking to customers about how we do security at Microsoft. This might be security in the cloud; the best way to secure identities, devices and data in a zero trust strategy; how we handle the hybrid world of on-prem and the cloud or even how we combine the OT world with the IT world – all from the point of view of security. An equally important part of the role is listening to our customers about their pain-points and working with our product groups to address those, where feasible. As a long time blue teamer and incident responder, I share how we handle the trillions of signals a day that we get into our Cyber Defence Operation Centre (CDOC), how we handle incidents and what we are seeing from the threat landscape, all in an effort to prepare our customers for what might be a worst case scenario.
What do you most enjoy about your work?
I love how diverse my job is. Tactically, I get to handle incidents and escalations; talk to customers about how we do security inside Microsoft and, gain a deeper understanding of challenges facing different industries. Strategically, my team and I think about how the world is changing and how people, processes and technologies will have to adapt to support the digital revolution.
Why is cloud important to UK’s economic growth and what does the future hold for adoption and maturity of cloud in the UK?
Simply, cloud computing enables digital transformation leading to business agility and cost reduction. However, cloud offers a wide range of additional benefits, including revenue growth—through new business models, global market expansion, accelerated innovation, and enhanced customer experience and satisfaction—as well as risk mitigation. Rapid advances in technology like AI and cloud computing are reshaping our economy, transforming how we live, how we work, and how we learn.
Would you agree that the conversation about cloud security has shifted and cloud users increasingly recognise the security benefits of cloud services?
The conversation has changed dramatically today from a few years back where the belief was that the cloud was just someone else’s computer! Cloud computing has come a long way since then and the rapid advances in technology with built-in security controls has fundamentally changed the conversation. Of course, there are organisations out there on different levels of the cloud adoption journey but, where right for the organisation, cloud-native lets businesses innovate and do more, faster, and more securely.
What are the key security concerns affecting greater cloud adoption and how can these issues be addressed?
A mistake I see many organisations making is applying a traditional on-premise security model to the cloud. Taking cloud scale data and backhauling it to the on-prem world is both costly and ineffective. Where the application being used is a trusted and sanctioned app, direct connection to the application over the internet without forcing the traffic over a VPN is a recommended best practise. Another concern is data privacy and growing concerns around data sovereignty.
From a more philosophical point of view, we need to ask not just what technology can do, but what it should do. When we do, technology can help promote economic opportunity that benefits everyone.
What steps should organisations take to adapt their cloud security posture to the rapidly changing online environment?
Many organisations have adopted the cloud through organic growth to support business outcomes, often leading to solutions unsanctioned by centralised IT or security departments. This “shadow IT” has grown exponentially in recent years with the adoption of cloud-based applications and services and may be both a blessing for innovation and a major security risk to the organisation. Visibility is key – you can’t protect what you can’t see – but the benefit of cloud computing is that it can allow for continuous assessment, monitoring and automated defence.
How can the cloud market equip organisations with the understanding, skills and knowledge to make the right cloud decisions for now and for the future?
The sheer speed with which development happens in the cloud is a challenge for everyone, and especially with trying to keep documentation up to date! We know that organisations have a skills gap and that when people don't understand something, they won't use it. At Microsoft, we’ve tried to address the many different ways that people learn through a variety of learning paths, from the free 30 day Cloud Skill Challenge which prepares people to pass the more formal exams such as AZ900 Cloud fundamentals, to youtube overview videos to the more technical depth content.
Building trust and confidence in the security of cloud computing services remains fundamental to the continued use of cloud services by organisations. What would you suggest is the one thing all companies should do to improve their cloud security?
From a security perspective, the basics have long been overlooked in favour of that shiny new attack and yet we see attackers compromising organisations with simple tools and techniques time after time. The cloud brings both security benefits and challenges, but frequently I see the same sort of mistakes made historically in the on-prem world transferred to the cloud, which allows the attacker to easily pivot between one and the other. The first thing I do when working with customers is to secure their administrative and VIP credentials, ensuring they are logging on from a trusted device and that the account has multi-factor authentication (MFA) enabled. Of course, everyone should use MFA whether it is in their corporate or personal lives – we’ve shown that MFA decreases the risk of a successful attack by about 99%.
How can the cloud and cyber industry encourage someone considering a career focussed on these technologies?
A Science background is often touted as a requirement for the IT world and even more so for the security world. This is simply not true today (if it ever was). To secure the planet, we need diversity – of thought, of skillsets, of backgrounds, of opinions. In my extended team we have linguists, psychologists, data scientists, threat hunters, lawyers, ethics champions and a host of others, some of whom had very different roles previously (a chef and a firefighter, for example). All of this is even more important in the cloud – the sheer scale gives us more opportunity than ever, and the application of machine learning and artificial intelligence necessitates the industry to include hitherto untapped potential.
Thank you Lesley for taking the time to answer techUK's questions! If you would like to learn more about techUK's Cloud Security Champion please reach out to laura.foster@techUK.org