Tatu Seppälä - Upcoming Speaking Engagements

Thrive Conference 2026

08/06/2026, Kompas Xnet
Ljubljana, Slovenia

Taming the Wild West of Generative AI with Purview and Defender

security

governance

defender

purview

genai

IT and security teams are struggling to keep up with the explosive growth of "free" Generative AI services. The growing sprawl of new AI tools coupled with their universal attractiveness to people across industries and roles makes it difficult to build guardrails to direct business users to do their work with authorized tools and services. At the same time, ungoverned use of consumer GenAI services exposes business data (including personal data, financial information and intellectual property) to unsustainable data security and compliance risks, while limiting the adoption of authorized enterprise services like Microsoft's Copilot offering. Still, the goal of security teams is not to simply say "no." Rather, it is to sustainably enable business productivity by understanding underlying user requirements and providing secure and authorized tools to get the job done. Seems like a tough challenge to accomplish at scale! Luckily, there are now proven strategies to do just that. Intelligently combining capabilities from Microsoft Purview (Data Loss Prevention) and Defender (Defender for Cloud Apps, Defender for Endpoint) product families can help create technical guardrails that stay current with minimal ongoing manual admin effort while putting organizational policy to practice and keeping users aware of what's expected of them when it comes to utilizing AI services at work. During the session, we'll cover and demo technical topics like: - How to identify and manage ongoing use of GenAI services with Defender for Cloud Apps (MDA) and Defender for Endpoint (MDE) - How to monitor and curtail exfiltration of sensitive business data to consumer GenAI services with Purview Endpoint DLP - How to use Defender capabilities like Advanced Hunting coupled with data from Purview, MDA & MDE to build a granular understanding of the use of GenAI services across roles and departments You will take home easy and clear patterns and practices you can put to use immediately to start getting a grip on GenAI at work. This practical session is especially useful for security responsibles as well IT Pros and admins. It is valuable for anyone with a technical background in Microsoft cloud services.

Thrive Conference 2026

08/06/2026, Kompas Xnet
Ljubljana, Slovenia

Insider threat: First aid for a misunderstood risk vector

security

sentinel

defender

purview

insider-risk

entra-id

"It is said that only a fool learns from his own mistakes; a wise man from the mistakes of others." -Otto von Bismarck While we've been routinely protecting against external attackers for years, we've also often willingly ignored the other side of the equation: the hundreds or thousands of insiders - current and former company employees and contractors - with continuous access to sensitive internal information 24/7/365. In 2024, Gartner predicted that by 2027, as much as 70% of organizations will combine data loss prevention and insider risk management disciplines with IAM context to identify suspicious insider behavior more effectively. It's not hard to understand why insider threat has been neglected so far: * Investigating and mitigating against insider threat is a murky topic especially for those approaching it from the more clear-cut Blue team / Red team world of external attacker focused cybersecurity. * Timely visibility into real insider threat isn't tied to any single alert or event. It takes a fusion of human and technical data points, put into proper context (and parsed into chronological sequences with a bit of help from AI) to enable sufficiently rapid actions. Cross-organization collaboration beyond cybersecurity and IT teams is a must. * Organizations tend to have idealistic and even rosy views of how their trusted employees are accessing and handling business data before you can prove decision makers the risk is real with data. In fact, for insider risk investigations, the entire paradigm is different - potential threats are assumed to be non-malicious & should remain anonymous until proven guilty. Still, technology plays a vital role in helping limit the opportunities for insider threat to actualize. While the root causes of insider threat are ultimately non-technical, thoughtful use of available technology plays a key role in limiting the conditions in which these risks can turn into reputational or financial harm. In this session, I'll demo and discuss topics relevant to mitigating insider risk such as: * "Edward Snowden was a SharePoint admin" - the essentials of identity and access hygiene with Entra ID * "The absence of a Capable Guardian" - the link between Routine Activity Theory and an effective Purview Data Loss Prevention solution * "The signal-to-noise ratio" - the differences between types of insider threats and the preferred technical countermeasures for each * "Connecting the dots" - the most valuable event logs to collect to allow effective detection of sequences of risky insider activity and data exfiltration with Purview Insider Risk Management As an attendee, you will l leave this session with a clear idea on what you can start working on immediately to help lay the technical foundations to enable your insider risk program. The session is well-suited for data security responsibles and decision makers, security architects and anyone curious to learn more about insider threat - and how to start addressing it.

CollabDays Poland 2026

11/06/2026, Microsoft Polska
Warszawa, Poland

Secure and sustainable vibe development in Power Platform - top risks and mitigations

security

power-platform

owasp-top-10

vibe-development

Low-code/no-code platforms and AI-assisted tooling have lowered the barrier of entry to solution development for a significant number of people. While this represents a major leap forward in enabling business to create their own tooling and enhance productivity, unchecked "vibe development" also causes significant security and compliance risks, as well as new governance challenges. In this session, we look at key risks such as authentication failures and authorization misuse, sensitive data leakage and use of vulnerable components, among others. We identify effective mitigations and remedies for each risk from the Power Platform admin toolkit, showing how to use the latest Microsoft features and capabilities to implement guardrails against the hazards of AI-boosted development. Topics such as MCP server controls, Agent to Agent guardrails and the latest security and governance features for Copilot Studio agentic scenarios will be discussed. If you're a technical specialist, platform responsible or decision maker wondering how to grapple with the temptations and dangers of vibe dev, this session is an excellent fit for you. You will leave with clear action points to explore and implement to help manage relevant risks. The content is informed by the speaker's field experience and the freshly released OWASP Top 10 risks for Citizen Development, the review board of which the speaker was part of.

CollabDays Hamburg 2026

27/06/2026, Ahfs
Hamburg, Germany

Taming the Wild West of Generative AI with Purview and Defender

security

governance

defender

purview

genai

IT and security teams are struggling to keep up with the explosive growth of "free" Generative AI services. The growing sprawl of new AI tools coupled with their universal attractiveness to people across industries and roles makes it difficult to build guardrails to direct business users to do their work with authorized tools and services. At the same time, ungoverned use of consumer GenAI services exposes business data (including personal data, financial information and intellectual property) to unsustainable data security and compliance risks, while limiting the adoption of authorized enterprise services like Microsoft's Copilot offering. Still, the goal of security teams is not to simply say "no." Rather, it is to sustainably enable business productivity by understanding underlying user requirements and providing secure and authorized tools to get the job done. Seems like a tough challenge to accomplish at scale! Luckily, there are now proven strategies to do just that. Intelligently combining capabilities from Microsoft Purview (Data Loss Prevention) and Defender (Defender for Cloud Apps, Defender for Endpoint) product families can help create technical guardrails that stay current with minimal ongoing manual admin effort while putting organizational policy to practice and keeping users aware of what's expected of them when it comes to utilizing AI services at work. During the session, we'll cover and demo technical topics like: - How to identify and manage ongoing use of GenAI services with Defender for Cloud Apps (MDA) and Defender for Endpoint (MDE) - How to monitor and curtail exfiltration of sensitive business data to consumer GenAI services with Purview Endpoint DLP - How to use Defender capabilities like Advanced Hunting coupled with data from Purview, MDA & MDE to build a granular understanding of the use of GenAI services across roles and departments You will take home easy and clear patterns and practices you can put to use immediately to start getting a grip on GenAI at work. This practical session is especially useful for security responsibles as well IT Pros and admins. It is valuable for anyone with a technical background in Microsoft cloud services.

Security Architect

Finland

Upcoming Speaking Engagements

Meet Tatu next at

Thrive Conference 2026

08/06/2026

Tatu can deliver sessions in

Relevant industries

Connect with Tatu

Important links

Report speaker profile

Thank you for reporting this profile, we are going to review it as soon as possible.