Join the list! or Get updates on new episodes!
Join 10,000 other listeners and get updates on new episodes.
As quantum computing moves from theory toward reality, many organizations are focusing on replacing RSA and ECC with post-quantum cryptography. But in this episode of M365.fm, Mirko Peters argues that simply choosing a new algorithm is not enough. The real challenge is cryptographic agility: the ab…
As organizations rapidly adopt Microsoft 365 Copilot, AI agents, and generative AI technologies, one challenge stands above all others: ensuring data is secure, governed, and compliant. In this episode of M365 FM, Mirko Peters speaks with Peter Rising, Senior Partner Solution Architect at Microsoft…
In this episode of the M365 FM Podcast, we explore one of the biggest hidden risks in modern data governance: shadow data. While Microsoft Purview provides powerful visibility into governed data sources, many organizations assume that what Purview cannot see does not exist. That assumption creates …
In this episode, Mirko Peters explores why successful Microsoft 365 strategy should be approached like building a synthetic market rather than deploying technology in isolation. The core idea is that Microsoft 365 creates an internal economy where information, collaboration, automation, governance,…
"The Model Is the Vulnerability" explains that the biggest security risk in Microsoft Copilot is not the AI itself, but the data, identities, and permissions the model can access. Copilot amplifies existing security weaknesses by making enterprise information easier to discover, summarize, and expo…
In this episode of the m365.fm podcast, Mirko Peters speaks with Microsoft MVP and cloud security expert Martin Dimovski about securing AI workloads and MLOps environments in Microsoft Cloud. The conversation focuses on why AI security must be treated as a core business requirement instead of an af…
In this episode of the m365.fm podcast, host Mirko Peters speaks with cybersecurity expert Viktor Hedberg about the importance of securing enterprise environments through Active Directory (AD) tiering and privileged access management.The discussion explores how attackers commonly target privile…
“AI Meets Security” is a deep-dive conversation between Mirko Peters and Microsoft Senior Product Manager Danilo Nogueira about how AI is reshaping enterprise security, governance, and compliance. The episode explains that the biggest challenge with Microsoft Copilot and AI adoption is not the tech…
In this episode of the M365.fm podcast, Microsoft MVP Alan Cox joins us to discuss how organizations can securely adopt Microsoft 365 Copilot using Microsoft Purview, Data Loss Prevention (DLP), and Insider Risk Management.As AI becomes increasingly integrated into daily work, protecting sensit…
Your Microsoft 365 automation environment is probably running on borrowed identity. In this episode of the M365FM Podcast, we expose one of the biggest hidden risks inside modern cloud architecture: enterprise workflows tethe...
In this episode of the M365.FM Podcast, the discussion focuses on a critical shift happening in cloud security: the collapse of the traditional network perimeter. The episode explains why Azure SQL firewall rules, static IP allowlists, VPN-based trust models, and long-standing “inside the network e…
In this episode of the m365.fm podcast, Mirko Peters explores why traditional AI security testing is no longer enough in modern enterprise environments. The discussion focuses on “red teaming” for multi-model AI systems, especially in highly regulated industries like finance, where multiple AI mode…
In this episode of the M365 FM Podcast, Åsne Holtklimpen joins Mirko Peters to discuss the real challenges behind Microsoft Copilot adoption and AI readiness in Microsoft 365 environments. The core message is clear: Copilot does not create security problems — it exposes the governance and security …
In this episode of the M365.fm podcast, the discussion focuses on one of the biggest hidden risks in Microsoft Copilot environments: prompt injection attacks. The episode explains that the real security problem is not weak prompts or missing filters, but the architecture behind how AI models proces…
This episode explores how deepfake-enabled Business Email Compromise (BEC) attacks are becoming more convincing and dangerous for organizations. Traditional trust signals like email addresses, writing style, or even voice messages are no longer reliable because attackers can now imitate executives …
This episode argues that sensitivity labels are widely misunderstood and often give organizations a false sense of security. While they appear to enforce governance, in reality they are static, incomplete, and poorly maintained—making them ineffective in dynamic, AI-driven environments.The core…
This episode explains that treating AI like a simple add-on tool—especially Microsoft Copilot—can quietly create “digital debt” inside organizations. The problem isn’t the AI itself, but the messy, ungoverned Microsoft 365 environments it relies on. Copilot acts as a powerful coworker that instantl…
Ever wonder why your Security Pitch Fails, even when you know the risks? You talk about security, but the board wants to hear about business value. Today, security is more than just stopping threats. Leaders want proof that s...
In this episode of m365.fm, we explore why a strong compliance strategy is no longer just a regulatory requirement—but a true competitive advantage. Learn how traditional governance approaches fail at scale and why embedding compliance directly into Microsoft 365 workflows is key to enabling produc…
This episode explores the Microsoft 365 maturity model through real-world insights gathered from auditing over 500 tenants. Instead of relying on theoretical frameworks, it uncovers how most organizations struggle with Microsoft 365 governance maturity, hidden misconfigurations, and the growing gap…
In this episode, we challenge a common misconception in Microsoft 365 governance: having policies in place does not mean your environment is truly governed. Many organizations rely on documented rules, guidelines, and compliance frameworks, assuming they will control user behavior and protect data.…
Most Microsoft 365 environments don’t fail audits because of missing controls—they fail because of governance debt. Over time, quick fixes, unclear ownership, and poorly aligned operating models create hidden structural issues. These problems stay invisible until an audit exposes them, triggering l…
In this episode, we explore why Microsoft 365 environments are often less secure than they appear. While most organizations focus on security tools and settings, the real risk lies in what we call the “invisible tenant” — a hidden layer of misconfigurations, excessive permissions, and missing gover…
Most organizations think they understand their infrastructure. They see tools, licenses, configurations… dashboards that suggest control. But none of that tells you what’s actually happening. In reality, your Microsoft 365 environment isn’t just infrastructure—it’s a living system of decisions, beh…