For most organizations, Active Directory (AD) is the key to identity and access management, which means it is vital that it stays operational and secure. Unfortunately, AD faces a surplus of risks every single day. Whether from ever-frequent cyber and ransomware attacks or critical misconfigurations, effective AD cybersecurity risk management can be a daunting endeavour.

Active Directory has long been a favourite target for threat and is likely to remain so for the foreseeable future given it is the first line of defence across the business. 

With regulatory scrutiny at an all time high, including the recent updates to NIS(2) what should organisations focus on to build a defensible position for either an ad-hoc regulator visit or when a breach happens?  Chris will look at the expectations and requirements coming from the regulators and compare these to common challenges to managing  Active Directory and look at how to build controls that pass the smoke test!