Our objective is to help customers in identifying potential cybersecurity risks and gain knowledge about technologies that can help mitigate those risks.

IT Partner responsibilities #

• Understand the customer's status vs cyberattacks. Help customer to identify elements in their IT environment that might make it prone to rapidly spreading and potentially destructive cyberattacks (e.g., ransomware attacks).
• Cyberattacks Technical Security readiness. Provide guidance, recommendations, and best practices on how to successfully use Microsoft technologies to mitigate security threats that are associated with rapid cyberattacks.
• Create a rapid cyberattack road map. Provide prioritized and actionable road map for the customer containing proposed actions based on discovered gaps, considering user impact and implementation cost.
• Map Microsoft technology capabilities and partner services to assessment findings, taking into account customer's objectives and requirements.

Client responsibilities #

• Information: This includes accurate, timely (within three business days or as mutually agreed upon), and complete information.
• Access to people. This includes access to knowledgeable customer personnel, including business user representatives, and access to funding (if additional budget is needed to deliver project scope).
• Infrastructure (machine) to install and run RCA tool (dedicated machine on which RCA tool will be installed and from which it will be run).

Plan #

Week One -- Kickoff

• Kickoff meeting
• Introduction to the engagement: objectives, flow, responsibilities, and governance
• Provide and explain preassessment questionnaire to the customer
• Explain RCA tool to the customer and provide "How to use RCA tool" document

Weeks One and Two (Assess)

• Complete/return questionnaire and install/run RCA tool
• Ensure availability of necessary resources
• Review RCA tool results
• Begin road map planning
• Finalize preparations for on-site
• Second preparation call
  • Confirmation on the completeness of the questionnaire or RCA tool output
  • Confirm attendance and dates for the on-site meeting

Week Three

• Day 1 -- whole-day on-site workshop
  • Definition of rapid cyberattacks
  • Review, explain, and discuss questionnaire and tool findings
  • Identify opportunities to leverage already deployed entitlements
  • Perform gap analysis
  • Finalize road map

Week Three -- Day 2 (Enable)

• Day 2 -- whole-day on-site workshop
  • Road map delivery workshop
  • Solution(s) briefing and Technical Readiness presentations
  • Engagement close-out

Example Schedule #

Day One

Workshop #

Description #

Outcome #

Customer attendees #

Time #

On-site Engagement Overview #

Provides an overview of the on-site agenda, flow and goals as well as an opportunity to cover Q&A and project governance.

Agreed plan and schedule for the on-site assessment.

All project team

60 minutes

Rapid Cyberattack Overview Presentation #

Definition of the rapid cyberattacks (what they are, impact they could have, fact that they are getting increasingly sophisticated)

How to protect against cyberattacks?

Mitigation strategies.

Sets the stage and provides an overview of topics related to Rapid Cyberattacks.

Security Architects

Security Engineers

Active Directory and/or other relevant IT administrators

60 minutes

Lunch #

60 minutes

Review Questionnaire and output from the Rapid Cyberattack Assessment Tool #

Review the questionnaire and output from the RCA tool:

• Discuss findings related to the Questionnaire
• Discuss findings related to the assessed machines
• Identify existing implementations that are not covered by Questionnaire (Rapid Cyberattack relevant)
• Do a gap analysis
• Get the customer priorities
• Open conversation around relevant topics

Prioritized list of identified gaps and customer security requirements.

Security Architects

Security Engineers

Active Directory and/or other relevant IT administrators

120 minutes

Finalize Rapid Cyberattack Roadmap #

Finalization of prioritized and actionable roadmap for the customer with proposed actions, considering user impact and implementation cost

Rapid Cyberattack Roadmap

None.

180 minutes

Day Two #

Workshop #

Description #

Outcome #

Customer attendees #

Time #

Day 1 Briefing & Recap #

Provides briefing of Day 1, an overview of the Day 2 agenda and goals as well as an opportunity to cover Q&A.

Agreed plan for the Day 2.

All project team

30 minutes

Rapid Cyberattack Roadmap Workshop #

Workshop to outline suggested roadmap with proposed next actions based on identified gaps and priorities.

Get the customer view and adjust.

NOTE: the engagement follow-up & next steps will be presented at Close-out before leaving.

Mutual understanding and agreement on the content of Rapid Cyberattack Roadmap.

All project team

90 minutes

Technical Readiness or Partner Services Presentation -- slot 1 #

Open time slots to be used to present recommended Microsoft solutions/technologies (based on PU v2 content) or relevant partner services.

NOTE: sessions selected based on answers from Questionnaire and Roadmap content

Customer's understanding of selected Microsoft solution/technology and its fit into proposed Rapid Cyberattack Roadmap.

Security Architects

Security Engineers

Active Directory and/or other relevant IT administrators

90 minutes

Lunch #

60 minutes

Technical Readiness or Partner Services Presentation -- slot 2 #

Same as above.

90 minutes

Technical Readiness or Partner Services Presentation -- slot 3 #

Same as above.

90 minutes

Close-out and Next steps #

Summary and discussion of next steps

Provide an engagement summary and clear steps with tangible outcomes.

All project team

30 minutes

Results #

• Kickoff presentation. Overview of the engagement, covering vision and objectives, requirements, and next steps and actions
• A questionnaire about the organization and its approach to exploit mitigation and attack surface reduction, ways of securing privileged access and providing business continuity to mitigate effects of potential cyberattacks, etc.
• Rapid cyberattack assessment tool reports. A set of reports documenting findings of the RCA tool -- reviewed and discussed by the partner in the workshop
• Rapid cyberattack road map. Actionable road map for addressing discovered gaps, including mapping capabilities of Microsoft technologies and Partner services to assessment findings, taking into account customer's objectives and requirements