Update March 7, 2022: Sign up for additional Microsoft Cloud Week for Partner events – The first several cloud weeks we’ve hosted so far this year have trained thousands of our partners and their employees, and we hope to pass along knowledge to many more in the coming months. Learn more about and register for the other upcoming Microsoft Cloud Week for Partners events, which include Azure, Security, and Business Applications.

The rapid growth of cloud computing is driving the need for ever-improving cloud security solutions to prevent data breaches and other security incidents, which reached a new record number in 2021.

Technology professionals need to ensure their knowledge stays up to date so they can understand how to keep data and valuable system assets protected. For our partners, it’s vital that your skills are fresh and relevant to real-world scenarios because customers are putting their businesses in your hands and trusting that you will notice security gaps.

During our upcoming Security Cloud Week for Partners, we want to help partners achieve Microsoft certifications related to Azure and Microsoft 365 security technologies and discover how Microsoft Security, Compliance, and Identity solutions handle online threats. This event is a good place for our partners’ tech professionals to start their training journey in security and learn hands-on technical skills of all levels.

Offering a combination of training and tools for any role

Data breaches are serious across all businesses, and they especially hit manufacturing and utility sectors last year, but proper security measures—from implementing zero-trust and multi-factor authorization to updating and patching systems on a regular basis—can limit or even prevent many attacks. To help you learn about and be able to implement such measures, Security Cloud Week for Partners offers the training needed to prepare for the following certification exams:

While gaining certifications is an indication of your expertise in a subject, we also want it to show you’re ready for practical problem solving. I appreciate that we’ve changed our exams over the years from testing rote memorization of facts to gauging learners’ ability to design realistic solutions. The SC-900 training, for example, begins with concepts such as why zero-trust should be the foundational idea behind any organization’s security and covers different types of attacks and how they can affect systems. Identity-based attacks and different identity models, multi-factor authentication, and detailed information about network security and security and privacy compliance are among the many topics covered by the training and exam. All of this information can be applied to defending any organization against attempts to swipe data or gain control of systems.

In addition to helping increase knowledge about cybersecurity, Microsoft offers industry-leading security tools, which is why Gartner has named Microsoft Security a Leader in five Magic Quadrants. For instance, Microsoft Sentinel, our cloud-native SIEM, and Microsoft Defender for Cloud (previously called Azure Security Center) can help you manage Azure-based resources as well as VMs and cloud services that use Amazon Web Services or Google Cloud Platform. These tools also provide security and compliance management capabilities for physical and virtual machines running in your own data center. The key advantage of these comprehensive security tools for our partners is the integration they offer, providing end-to-end visibility into customers’ system landscapes.

Developing a deep understanding of security

As our partners’ tech professionals look to increase their expertise within security, they may wonder about where to start. Security is a huge subject, and it’s difficult to become an expert at all of it. I recommend three topics to focus on: identity, attack methods, and networking knowledge.

1. Identity: As a general rule, an attacker’s primary goal is to authenticate to or gain a measure of control over a system. Typically, this involves stealing credentials or assuming an identity that is trusted by the system. It’s critically important to know how users, applications, and systems authenticate and are granted access to resources because that’s where attackers will be targeting your environment. The MS-100, MS-500, SC-300, and the AZ-800 exam (now in beta) all require a good understanding of how identity works in a hybrid environment.
2. Attack methods: How would you secure your home against a burglar if you knew in advance the methods that would be used? You would put extra effort in defending against the method most likely to be attempted, but you’d also want to secure against other methods as well. The same holds true with learning about cybersecurity. That means subscribing to security blogs, such as the Microsoft Security Response Center blog or Krebs on Security by Brian Krebs, and following social media accounts that focus on security. Preparing for the Microsoft SC-200 exam also teaches about tools for identifying network attackers.
3. Networking knowledge: Microsoft has created a logical user interface for the threat-hunting processes in Microsoft Defender and Microsoft Sentinel that removes much of the network complexity from the systems admin’s view. But at some point, an attacker’s traffic goes across a network, and you may need to identify that traffic. Understanding attacks is usually dependent upon knowing about networking—knowing how DNS requests are being issued to a CnC server, or how a DDoS attack is being carried out, for example. The Network+ exam is a good starting point for general knowledge. For the Microsoft environment, challenge yourself with the AZ-700: Designing and Implementing Azure Networking Solutions exam, which will be covered in the Security Cloud Week for Partners sessions.

If you’re still not sure which area of security interests you or where to target your learning, I suggest taking a few of the courses on Microsoft Learn that relate to security technologies for Azure and Microsoft 365. By using Microsoft Learn, you can limit the amount of information you consume each day and track your progress. It gets you in the habit of being a continual learner while working toward certifications and being “project ready,” going beyond the certifications and getting hands-on experience with security technology. Microsoft partner-focused training can help with that, too, through our advanced role-based courses. Our training on identity and access administration, for example, can be supplemented with a “challenge experience,” in which learners are given a set of tasks and asked to perform them in a virtual lab environment.

Register now for Security Cloud Week for Partners

If you’re a Microsoft partner, Security Cloud Week for Partners—which takes place from February 7-11—offers an ideal opportunity to make progress toward security certifications with both fundamental and role-based courses. The five-day virtual training experience allows learners to build skills through a choice of instructor-led courses, on-demand labs, and both live Q&A and offline Q&A sessions. Two live training sessions will be held each day of the event.

Register today to start developing the security skills you need to be successful in your role and for your customers.