Join the list! or Get updates on new episodes!
Join 10,000 other listeners and get updates on new episodes.
In this episode of the m365.fm podcast, Mirko Peters speaks with Microsoft MVP and cloud security expert Martin Dimovski about securing AI workloads and MLOps environments in Microsoft Cloud. The conversation focuses on why AI security must be treated as a core business requirement instead of an af…
In this episode of the m365.fm podcast, host Mirko Peters speaks with cybersecurity expert Viktor Hedberg about the importance of securing enterprise environments through Active Directory (AD) tiering and privileged access management.The discussion explores how attackers commonly target privile…
“AI Meets Security” is a deep-dive conversation between Mirko Peters and Microsoft Senior Product Manager Danilo Nogueira about how AI is reshaping enterprise security, governance, and compliance. The episode explains that the biggest challenge with Microsoft Copilot and AI adoption is not the tech…
In this episode of the M365.fm podcast, Microsoft MVP Alan Cox joins us to discuss how organizations can securely adopt Microsoft 365 Copilot using Microsoft Purview, Data Loss Prevention (DLP), and Insider Risk Management.As AI becomes increasingly integrated into daily work, protecting sensit…
In this episode of the M365.FM Podcast, the discussion focuses on a critical shift happening in cloud security: the collapse of the traditional network perimeter. The episode explains why Azure SQL firewall rules, static IP allowlists, VPN-based trust models, and long-standing “inside the network e…
In this episode of the m365.fm podcast, Mirko Peters explores why traditional AI security testing is no longer enough in modern enterprise environments. The discussion focuses on “red teaming” for multi-model AI systems, especially in highly regulated industries like finance, where multiple AI mode…
In this episode of the M365 FM Podcast, Åsne Holtklimpen joins Mirko Peters to discuss the real challenges behind Microsoft Copilot adoption and AI readiness in Microsoft 365 environments. The core message is clear: Copilot does not create security problems — it exposes the governance and security …
In this episode of the M365.fm podcast, the discussion focuses on one of the biggest hidden risks in Microsoft Copilot environments: prompt injection attacks. The episode explains that the real security problem is not weak prompts or missing filters, but the architecture behind how AI models proces…
This episode explores how deepfake-enabled Business Email Compromise (BEC) attacks are becoming more convincing and dangerous for organizations. Traditional trust signals like email addresses, writing style, or even voice messages are no longer reliable because attackers can now imitate executives …
This episode argues that sensitivity labels are widely misunderstood and often give organizations a false sense of security. While they appear to enforce governance, in reality they are static, incomplete, and poorly maintained—making them ineffective in dynamic, AI-driven environments.The core…
This episode explains that treating AI like a simple add-on tool—especially Microsoft Copilot—can quietly create “digital debt” inside organizations. The problem isn’t the AI itself, but the messy, ungoverned Microsoft 365 environments it relies on. Copilot acts as a powerful coworker that instantl…
Ever wonder why your Security Pitch Fails, even when you know the risks? You talk about security, but the board wants to hear about business value. Today, security is more than just stopping threats. Leaders want proof that s...
In this episode of m365.fm, we explore why a strong compliance strategy is no longer just a regulatory requirement—but a true competitive advantage. Learn how traditional governance approaches fail at scale and why embedding compliance directly into Microsoft 365 workflows is key to enabling produc…
This episode explores the Microsoft 365 maturity model through real-world insights gathered from auditing over 500 tenants. Instead of relying on theoretical frameworks, it uncovers how most organizations struggle with Microsoft 365 governance maturity, hidden misconfigurations, and the growing gap…
In this episode, we challenge a common misconception in Microsoft 365 governance: having policies in place does not mean your environment is truly governed. Many organizations rely on documented rules, guidelines, and compliance frameworks, assuming they will control user behavior and protect data.…
Most Microsoft 365 environments don’t fail audits because of missing controls—they fail because of governance debt. Over time, quick fixes, unclear ownership, and poorly aligned operating models create hidden structural issues. These problems stay invisible until an audit exposes them, triggering l…
In this episode, we explore why Microsoft 365 environments are often less secure than they appear. While most organizations focus on security tools and settings, the real risk lies in what we call the “invisible tenant” — a hidden layer of misconfigurations, excessive permissions, and missing gover…
Most organizations think they understand their infrastructure. They see tools, licenses, configurations… dashboards that suggest control. But none of that tells you what’s actually happening. In reality, your Microsoft 365 environment isn’t just infrastructure—it’s a living system of decisions, beh…
This episode argues that the biggest governance mistake in Microsoft 365 isn’t misconfiguration—it’s timing. Most organizations treat governance as something to “add later,” but by doing that, they unintentionally design failure into the system from day one.The core idea is that governance isn’…
This episode breaks down why Microsoft 365 governance and security are not just technical concerns but organizational responsibilities. It explains how a structured governance framework—built on security, compliance, data protection, and clear ownership—prevents chaos like permission sprawl, data l…
In this episode, we dismantle a common Microsoft Teams governance myth: that the Teams Admin Center is the central command for controlling Teams behavior and enforcing governance.Most organizations treat the Admin Center like a control tower — but it’s actually a downstream service console, not…
Is Power Platform actually dangerous for the enterprise—or is that fear hiding a more uncomfortable truth?In this episode, we dismantle the question executives keep asking: “Is Power Platform secure enough?” The answer is sharper than most teams expect. Yes—Microsoft’s Power Platform security i…
This episode opens with a blunt warning: Microsoft Foundry isn’t just another AI feature you can casually approve and forget. It’s an agent factory, and if execution comes before governance, you are almost guaranteed to create the next generation of shadow IT. Most future AI incidents won’t come fr…
This episode plays out like a cybercrime thriller, exposing how today’s most dangerous breaches don’t smash doors—they’re invited inside. The investigation opens with a single click on January 12th. A polished phishing email doesn’t steal a password; it steals a session token. Within minutes, that …