Turn your real-world experience into part of the show.

Microsoft Security Podcast – Identity, Cloud & Enterprise Protection Episodes

Security within the Microsoft ecosystem is deeply integrated across identity, endpoints, cloud services, and data platforms. Security Talk focuses on understanding Microsoft security architecture as an interconnected system rather than isolated tools and dashboards.

In this category, we examine identity security using Entra ID, Conditional Access, and privileged access models, alongside Microsoft Defender, Purview, and security controls across Microsoft 365 and Azure. Episodes explore how attackers exploit misconfigurations, how security signals propagate across services, and why many security incidents stem from architectural assumptions rather than missing features.

Security Talk emphasizes why breaches happen, not just how to configure protection. We discuss threat models, attack paths, lateral movement, and the operational trade-offs between security, usability, and automation. Particular focus is given to identity-centric security, which has become the primary control plane for modern Microsoft environments.

This category is intended for security professionals, architects, and IT decision-makers who need to understand Microsoft security beyond checklists and best-practice documents. If you are responsible for protecting identities, data, and cloud workloads within Microsoft platforms, Security Talk provides clear, experience-based insight into building and maintaining resilient security architectures.
June 26, 2026

Stop Treating Agents Like Service Accounts

AI agents are often managed like traditional service accounts—but that mindset creates serious security and governance risks. This episode explains why AI agents should be treated as autonomous digital identities with their own lifecycle, permissions, and accountability instead of static technical accounts.The discussion highlights that agents don't just authenticate to services—they make decisions, access business data, trigger workflows, and interact with multiple systems. Because of this, identity becomes the primary security boundary. Organizations should assign every agent its own identity, apply least-privilege access, enforce Zero Trust principles, and continuously monitor behavior rather than relying on broad, long-lived permissions.The episode also covers the importance of lifecycle management for non-human identities. Just like employees, AI agents require onboarding, role assignments, permission reviews, auditing, and secure decommissioning. Without proper governanc…
Guest: Mirko Peters
June 19, 2026

Securing Identities at Scale: Conditional Access, Azure Security & Infrastructure as Code with Jonathan Hope [MVP]

In this episode of M365 FM, Mirko Peters sits down with Microsoft MVP Jonathan Hope to explore why identity has become the most critical security boundary in modern cloud environments. As organizations move deeper into Microsoft 365, Azure, and cloud-native architectures, traditional network-based security models are no longer enough.Jonathan explains how Microsoft Entra ID acts as the control plane for security and why mismanaged identities, excessive permissions, and poorly maintained Conditional Access policies create significant risk. The conversation dives into the concept of “identity debt” — the gradual accumulation of exceptions, legacy configurations, guest accounts, workload identities, and hybrid synchronization issues that weaken an organization’s security posture over time.The episode covers practical strategies for implementing Zero Trust principles, designing effective Conditional Access policies, enforcing least-privilege access, and protecting privileged accou…
June 16, 2026

Indirect Injection: The Silent Killer of Enterprise AI

Most organizations believe hallucinations are the biggest risk in enterprise AI. In reality, one of the most dangerous threats is something far less visible: Indirect Prompt Injection. In this episode, we explore how trusted documents, emails, SharePoint content, Teams conversations, and knowledge bases can become attack vectors that manipulate AI systems without ever compromising the underlying infrastructure.The episode examines why Retrieval-Augmented Generation (RAG), the foundation behind Microsoft 365 Copilot, Azure AI Foundry solutions, and many enterprise AI assistants, introduces an entirely new security challenge. Unlike traditional software, large language models cannot reliably separate data from instructions. Every piece of retrieved content becomes part of the model's context, allowing hidden commands, poisoned documents, metadata, and embedded instructions to influence AI behavior.Listeners will learn how indirect prompt injection works, why system prompts are n…
Guest: Mirko Peters
June 14, 2026

The Rise of Private LoRA: Architecting Secure AI on Proprietary Data

The rise of enterprise AI has created a fundamental challenge: how can organizations leverage powerful language models without exposing their most valuable proprietary data? In this episode of M365.fm, we explore the growing adoption of Private LoRA (Low-Rank Adaptation) as a practical architecture for secure AI systems built on sensitive enterprise information.Rather than sending confidential documents, intellectual property, customer records, or internal knowledge to public AI services, Private LoRA enables organizations to adapt and customize foundation models while keeping their data within controlled environments. The discussion explains why traditional fine-tuning approaches are often expensive, difficult to govern, and introduce significant security and compliance concerns.The episode breaks down how LoRA works by modifying only a small subset of model parameters, allowing organizations to create specialized AI capabilities without retraining entire large language model…
Guest: Mirko Peters
June 12, 2026

Cryptographic Agility: The Only Defense Against Quantum

As quantum computing moves from theory toward reality, many organizations are focusing on replacing RSA and ECC with post-quantum cryptography. But in this episode of M365.fm, Mirko Peters argues that simply choosing a new algorithm is not enough. The real challenge is cryptographic agility: the ability to rapidly adapt, replace, and evolve cryptographic systems as threats, standards, and technologies change.The discussion explores why most enterprise environments are deeply dependent on cryptography in ways many organizations don't fully understand. Certificates, identity systems, VPNs, TLS connections, APIs, cloud workloads, IoT devices, and long-lived data all rely on cryptographic foundations that may become vulnerable in a post-quantum world. The biggest risk is not that quantum computers arrive tomorrow—it is that organizations cannot adapt quickly when change becomes necessary.The episode examines how crypto-agility shifts the conversation from algorithm selection to ar…
Guest: Mirko Peters
June 12, 2026

Microsoft Purview in the Age of AI: Securing Copilot with Peter Rising [Microsoft]

As organizations rapidly adopt Microsoft 365 Copilot, AI agents, and generative AI technologies, one challenge stands above all others: ensuring data is secure, governed, and compliant. In this episode of M365 FM, Mirko Peters speaks with Peter Rising, Senior Partner Solution Architect at Microsoft, about how Microsoft Purview helps organizations prepare for AI at scale.The discussion explores why AI readiness is not just about deploying Copilot licenses but understanding and controlling the data that powers AI experiences. Peter explains how Microsoft Purview provides visibility into sensitive information, helps classify and protect business-critical data, and enables organizations to apply Zero Trust principles across their Microsoft 365 environment.The conversation covers key capabilities including Data Loss Prevention (DLP), sensitivity labels, information protection, insider risk management, auditing, compliance monitoring, and data governance. These tools help ensure tha…
June 7, 2026

The Shadow Data Blindspot: Mapping What You Can’t See with Purview

In this episode of the M365 FM Podcast, we explore one of the biggest hidden risks in modern data governance: shadow data. While Microsoft Purview provides powerful visibility into governed data sources, many organizations assume that what Purview cannot see does not exist. That assumption creates a dangerous blind spot.The discussion explains how shadow data emerges across disconnected systems, unmanaged repositories, legacy platforms, third-party applications, personal storage locations, and forgotten workloads that sit outside normal governance processes. These hidden data stores often contain sensitive business information, intellectual property, customer records, and compliance-relevant content that never appears in standard Purview reporting.The episode breaks down why organizations frequently mistake data discovery for complete data visibility. Even with strong classification, labeling, and compliance controls in Microsoft 365, governance can only protect what it can ac…
Guest: Mirko Peters
June 4, 2026

I building a Synthetic Market for M365 Strategy

In this episode, Mirko Peters explores why successful Microsoft 365 strategy should be approached like building a synthetic market rather than deploying technology in isolation. The core idea is that Microsoft 365 creates an internal economy where information, collaboration, automation, governance, and AI capabilities continuously interact. Organizations that focus only on individual tools such as Teams, SharePoint, Power Platform, or Copilot often miss the larger system dynamics that drive long-term value.The discussion highlights that every platform decision creates incentives and behaviors. Poor governance can encourage content sprawl, uncontrolled workspace growth, and fragmented knowledge, while well-designed governance creates trust, discoverability, and sustainable adoption. The episode argues that strategy is not about maximizing feature usage but about shaping the conditions that allow productive behaviors to emerge naturally across the organization.A key theme is tha…
Guest: Mirko Peters
May 30, 2026

The Model is the Vulnerability: Securing Copilot with Entra ID and Zero Trust

"The Model Is the Vulnerability" explains that the biggest security risk in Microsoft Copilot is not the AI itself, but the data, identities, and permissions the model can access. Copilot amplifies existing security weaknesses by making enterprise information easier to discover, summarize, and expose at scale.The article emphasizes that Copilot does not create new permissions. Instead, it operates within existing Microsoft 365 access controls. If organizations have excessive privileges, outdated permissions, poor governance, or weak identity management, AI will surface those problems faster and with greater impact.To reduce risk, the article recommends an identity-first security model built on Microsoft Entra ID and Zero Trust principles. Every user, device, application, and request should be continuously verified rather than automatically trusted. Key controls include Multi-Factor Authentication (MFA), Conditional Access, least-privilege access, Privileged Identity Management…
Guest: Mirko Peters
May 23, 2026

Secure-by-Design AI: Protecting MLOps in the Microsoft Cloud with Martin Dimovski [MVP-MCT]

In this episode of the m365.fm podcast, Mirko Peters speaks with Microsoft MVP and cloud security expert Martin Dimovski about securing AI workloads and MLOps environments in Microsoft Cloud. The conversation focuses on why AI security must be treated as a core business requirement instead of an afterthought.Martin explains the growing risks organizations face as they rapidly deploy AI agents, large language models, APIs, and cloud-native AI solutions without fully understanding the security implications. The episode highlights how AI introduces new attack surfaces while also amplifying existing cybersecurity weaknesses.A major theme is “secure-by-design” architecture. Martin stresses that security should start during the planning and design phase, not after deployment. Topics include threat modeling, identity protection, secure pipelines, infrastructure hardening, API security, and governance. He emphasizes that security teams should work alongside developers and DevOps teams…
May 23, 2026

Inside Enterprise Security: AD Tiering & Privileged Access with Viktor Hedberg [MVP - MCT]

In this episode of the m365.fm podcast, host Mirko Peters speaks with cybersecurity expert Viktor Hedberg about the importance of securing enterprise environments through Active Directory (AD) tiering and privileged access management.The discussion explores how attackers commonly target privileged accounts to move laterally through corporate networks and why traditional “flat” admin models are no longer sufficient. Viktor explains the concept of AD tiering, where administrative privileges are separated into security tiers to reduce the blast radius of compromised credentials. He also highlights the role of privileged access workstations (PAWs), just-in-time administration, and strong identity protection practices.The episode covers real-world attack scenarios, lessons learned from incident response engagements, and practical recommendations for organizations running hybrid Microsoft environments. Key themes include reducing standing privileges, enforcing multi-factor authentic…
May 18, 2026

AI Meets Security: A Conversation with Danilo Nogueira [Microsoft]

“AI Meets Security” is a deep-dive conversation between Mirko Peters and Microsoft Senior Product Manager Danilo Nogueira about how AI is reshaping enterprise security, governance, and compliance. The episode explains that the biggest challenge with Microsoft Copilot and AI adoption is not the technology itself, but the hidden weaknesses already existing inside many Microsoft 365 environments.Danilo highlights that oversharing in SharePoint, weak permissions, poor governance, and missing classification policies become far more dangerous once AI can instantly surface information through natural language prompts. Organizations often believe they are “AI ready” because they purchased licenses, but true readiness requires understanding data access, governance structures, and organizational behavior.A major focus is Microsoft Purview, which Danilo compares to a “baby monitor” for enterprise data. Instead of blocking everything, modern security should focus on monitoring, visibility…
May 13, 2026

Protecting Microsoft Copilot with Purview, DLP & Insider Risk with Alan Cox [MVP]

In this episode of the M365.fm podcast, Microsoft MVP Alan Cox joins us to discuss how organizations can securely adopt Microsoft 365 Copilot using Microsoft Purview, Data Loss Prevention (DLP), and Insider Risk Management.As AI becomes increasingly integrated into daily work, protecting sensitive business data while enabling productivity is becoming a major priority for IT and security teams. Alan explains how Microsoft Purview helps organizations manage data governance, reduce oversharing risks, and apply security controls that work alongside Microsoft 365 Copilot.The conversation explores how DLP policies can help prevent sensitive information from being exposed through AI-powered experiences, how Insider Risk Management can identify potentially risky user behavior, and why adaptive protection is changing the way businesses approach security and compliance in Microsoft 365.Alan also shares practical guidance around Copilot readiness, governance strategies, compliance co…
May 12, 2026

The Service Principal Crisis: Why Personal Accounts Are Killing Your Security

Your Microsoft 365 automation environment is probably running on borrowed identity. In this episode of the M365FM Podcast, we expose one of the biggest hidden risks inside modern cloud architecture: enterprise workflows tethered to personal user accounts. It starts innocently enough. An engineer builds a Power Automate flow, connects a Logic App, configures a Power BI refresh, or deploys a SharePoint integration using their own credentials because it is fast and convenient. But the moment that p...
May 12, 2026

Beyond the Firewall: Why Your Azure SQL Security Is Obsolete

In this episode of the M365.FM Podcast, the discussion focuses on a critical shift happening in cloud security: the collapse of the traditional network perimeter. The episode explains why Azure SQL firewall rules, static IP allowlists, VPN-based trust models, and long-standing “inside the network equals safe” assumptions are no longer effective in modern enterprise environments. Instead of attacking infrastructure directly, modern attackers increasingly bypass perimeter controls through compromised identities, stolen credentials, over-privileged service principals, token abuse, and lateral movement inside trusted environments.The episode argues that many organizations still operate Azure SQL deployments using outdated security patterns designed for traditional datacenters rather than cloud-native systems. While companies continue relying on firewall rules, trusted VNets, and static connection methods, modern workloads constantly move across APIs, pipelines, automation platforms, A…
Guest: Mirko Peters
May 11, 2026

Red Teaming Multi-Model AI: Why Manual Testing Fails in Finance

In this episode of the m365.fm podcast, Mirko Peters explores why traditional AI security testing is no longer enough in modern enterprise environments. The discussion focuses on “red teaming” for multi-model AI systems, especially in highly regulated industries like finance, where multiple AI models, copilots, APIs, and automation layers interact with each other.The episode explains how manual testing methods fail because AI systems behave differently depending on context, chained prompts, integrations, memory, and user behavior. A model that appears secure in isolation can become vulnerable once connected to other systems or autonomous workflows. Mirko highlights that modern attacks are no longer simple prompt injections — they are multi-step, adaptive, and often invisible until damage has already occurred.A key theme is that organizations must stop treating AI as a chatbot and instead view it as an operational decision system with real business impact. The episode breaks do…
Guest: Mirko Peters
May 8, 2026

The Truth About Microsoft Security and Copilot Readiness with Åsne Holtklimpen [MVP/MCT]

In this episode of the M365 FM Podcast, Åsne Holtklimpen joins Mirko Peters to discuss the real challenges behind Microsoft Copilot adoption and AI readiness in Microsoft 365 environments. The core message is clear: Copilot does not create security problems — it exposes the governance and security gaps that already exist inside organizations. The conversation focuses on common issues such as overshared SharePoint sites, outdated permissions, forgotten Teams channels, uncontrolled data sprawl, and missing governance strategies. Åsne explains how many organizations rushed into cloud collaboration during the pandemic without proper structure, and AI tools now make these weaknesses far more visible. A major part of the episode highlights the importance of Microsoft Purview, sensitivity labels, Data Loss Prevention (DLP), Conditional Access, and Zero Trust principles. These tools help organizations classify sensitive information, secure access, and prevent Copilot from exposing confide…
May 5, 2026

Is Your Copilot Safe: Stop Prompt Injections with Azure Logic Apps

In this episode of the M365.fm podcast, the discussion focuses on one of the biggest hidden risks in Microsoft Copilot environments: prompt injection attacks. The episode explains that the real security problem is not weak prompts or missing filters, but the architecture behind how AI models process information. Modern AI systems like Microsoft Copilot retrieve data from multiple Microsoft 365 sources such as emails, SharePoint files, chats, and forms. If malicious instructions are hidden inside that content, Copilot can unknowingly treat them as trusted instructions.The episode highlights how attacks like EchoLeak and ShareLeak demonstrated that attackers do not need direct access to the AI system itself. Instead, they can poison the surrounding context by embedding malicious payloads into documents or messages that Copilot later retrieves. Once the model processes those inputs, sensitive information may be exposed or workflows may be manipulated.Traditional security approach…
Guest: Mirko Peters
May 5, 2026

Stop Deepfake BEC: The Verified ID Strategy

This episode explores how deepfake-enabled Business Email Compromise (BEC) attacks are becoming more convincing and dangerous for organizations. Traditional trust signals like email addresses, writing style, or even voice messages are no longer reliable because attackers can now imitate executives and employees with AI-generated content.The episode explains that organizations must move away from trust based on appearance and instead adopt identity verification as a core security strategy. Verified ID systems, strong identity governance, and cryptographic proof of identity are presented as the future foundation for secure communication and approval workflows.A major focus is the risk around financial approvals, executive requests, and sensitive business operations. The discussion highlights how attackers exploit urgency, authority, and familiarity to bypass human judgment. Even experienced employees can be manipulated when deepfake audio, video, or realistic email impersonation…
Guest: Mirko Peters
April 30, 2026

Your Sensitivity Labels Are A Lie: The Collaborative AI Silo Crisis

This episode argues that sensitivity labels are widely misunderstood and often give organizations a false sense of security. While they appear to enforce governance, in reality they are static, incomplete, and poorly maintained—making them ineffective in dynamic, AI-driven environments.The core issue is not the labeling technology itself, but the way organizations structure and manage their data. Most environments suffer from fragmented information spread across Teams, SharePoint, and other systems, creating silos that block both collaboration and effective AI usage. As a result, AI tools like Copilot cannot access the right data and are forced to generate outputs based on incomplete or outdated information.This leads to what the episode describes as an “AI rework loop”: AI produces confident but incorrect results, and employees must spend significant time validating and fixing them. In many cases, a large portion of AI-generated work requires correction, eroding the expected …
Guest: Mirko Peters
April 24, 2026

The Copilot Coworker: Why Your AI Strategy is Building Digital Debt

This episode explains that treating AI like a simple add-on tool—especially Microsoft Copilot—can quietly create “digital debt” inside organizations. The problem isn’t the AI itself, but the messy, ungoverned Microsoft 365 environments it relies on. Copilot acts as a powerful coworker that instantly exposes all accessible data, meaning existing issues like oversharing, poor structure, and lack of governance become highly visible and amplified.The key message is that AI doesn’t fix broken systems—it scales them. If your environment is chaotic, AI will accelerate that chaos. Without proper data governance, security controls, and clear operating models, companies risk building long-term complexity and risk instead of value.To avoid this “digital debt,” organizations need to focus on fixing their foundations first—clean data, controlled access, and strong governance—before scaling AI adoption.
Guest: Mirko Peters
April 21, 2026

Stop Selling Security: How to Pitch a Strategic Business Asset

Ever wonder why your Security Pitch Fails, even when you know the risks? You talk about security, but the board wants to hear about business value. Today, security is more than just stopping threats. Leaders want proof that security protects growth, builds trust, and keeps the business running. You see technology failures as technical issues, but executives see them as risks to revenue and reputation. Take a moment—have you ever felt your security message just didn’t connect? Boards now view sec...
Guest: Mirko Peters
April 14, 2026

Why Your Compliance Strategy Is Your Only Real Competitive Advantage

In this episode of m365.fm, we explore why a strong compliance strategy is no longer just a regulatory requirement—but a true competitive advantage. Learn how traditional governance approaches fail at scale and why embedding compliance directly into Microsoft 365 workflows is key to enabling productivity, reducing risk, and supporting AI-driven tools like Copilot. Discover how modern organizations turn governance from a blocker into a business enabler through automation and architecture.
Guest: Mirko Peters
April 13, 2026

I Audited 500 Microsoft 365 Tenants – Here’s the Real Maturity Formula

This episode explores the Microsoft 365 maturity model through real-world insights gathered from auditing over 500 tenants. Instead of relying on theoretical frameworks, it uncovers how most organizations struggle with Microsoft 365 governance maturity, hidden misconfigurations, and the growing gap between perceived and actual security. You’ll learn why traditional approaches to M365 tenant audits often fail, and what patterns consistently separate mature environments from those at risk.By breaking down a practical, experience-driven maturity formula, this episode shows how to improve Microsoft 365 governance, strengthen compliance, and scale operations effectively. It highlights the role of automation, operational discipline, and continuous assessment in achieving true Microsoft 365 maturity, making it essential listening for IT leaders, administrators, and consultants aiming to elevate their tenant security and governance strategy.
Guest: Mirko Peters