Top 5 Lessons Learned in EDU: Modern Threat Detection & Security Operations

Wednesday, June 09 | 1:00PM–1:45PM ET
Session Type: Industry and Campus Session
Delivery Format: Live Session
Over the last year, the most common reason behind Microsoft incident response engagements has been advanced ransomware attacks. In some instances, cybercriminals went from initial entry to ransoming the entire network in less than 45 minutes. Unfortunately, this trend of human-operated ransomware attacks is picking up steam and the education sector appears to be a top target due resource constraints, hybrid learning, and technical debt. During this session, you will learn about the state of advanced attacks, e.g., supply chain/advanced ransomware in education, and the impact on higher ed institutions. Join this session to increase your situational awareness about advanced attacks, best practices, and methods to detect suspicious activity and anomalous behavior in your environment.


  • William Hagen

    Director, Solution Sales EDU, Microsoft Corporation
  • Corey Lee

    Zero Trust Architect, Microsoft Corporation
  • Steve Scholz

    Principal Technical Specialist, Microsoft Corporation