
October 30, 2025 9 mins

Global cyber attacks in 2025 have exposed the risks of decentralised Microsoft automation. Learn why centralised oversight of tools like PowerShell is essential for IT resilience, security, and rapid incident response.


Episode Transcript

Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
Throughout 2025, global enterprises like Qantas, Jaguar,

(00:04):
Asahi, Workday, and more, have been dealt crushing blows by cyber attacks,
bringing their business operations to a standstill for extended periods of time.
These attacks have naturally caused huge disruption,
financial loss, and reputational damage for the companies affected.
The mounting frequency, severity, and publicity of these attacks in recent years has given us a sense that well-known brands are being outpaced by malicious actors in the cat and mouse game of cybersecurity.

(00:34):
No doubt, there is mounting pressure on IT and information security teams to ensure that their company does not become the next victim of such an attack.
With Cybersecurity Awareness Month coming to a close,
we’d like to offer our perspective on a crucial factor in today’s cybersecurity playing field,
the governance (or lack thereof) of automation strategies in enterprise-grade Microsoft infrastructure.

Microsoft Automation (01:00):
A Force for Evil or for Good.
IT teams use a variety of tools to automate Microsoft environments,
saving hundreds of hours per year in the execution of mundane tasks across the business,
such as new user onboarding, device configuration, and network maintenance.
This is a key function in modern digitized business,

(01:23):
underpinning the enterprise infrastructure that thousands of employees rely on to do their jobs effectively.
As a rule, only qualified and credentialed professionals should be able to tinker with automation tools such as PowerShell,
preventing unvetted individuals from causing costly errors that can affect the business at large.
However, even professionals can make mistakes, and hackers know this.

(01:47):
With the strengthened cybersecurity postures of organizations centered around zero-trust principles,
attackers are increasingly turning to PowerShell as a means of infiltrating company networks.
By gaining access to credentials that let them execute PowerShell scripts on company machines with elevated privileges,
hackers can cement their covert presence in target systems and make it harder for security teams to track and trace their activities.

(02:13):
This makes admin-level IT professionals with credentialed access to PowerShell a key target for social engineering and other forms of infiltration.
Although measures can be taken to limit a compromised individual or device’s ability to create havoc using PowerShell,
things can slip through the cracks, particularly when deception or irrational behaviors are involved.

(02:35):
Because of this, it is extremely important to maintain robust,
top-down, centralized oversight over the implementation of automation strategies in Microsoft environments throughout the business,
no matter how much you trust the people using them.

Our question to you for Cybersecurity Awareness Month is this (02:51):
Is your oversight over automation tools like PowerShell comprehensive enough?

Common Pitfalls in PowerShell Automation Strategy.

You trust your team.
Each member has proven their expertise in using tools like PowerShell and been given security credentials accordingly.

(03:13):
You’ve briefed them on cybersecurity policy and best practices.
You’re confident that they won’t cause undue errors,
and you’ve made sure that they understand the responsibility that lies on their shoulders.
But when push comes to shove, and things go wrong in your IT infrastructure,
do you actually know what PowerShell scripts have been used,
by whom, and where?

(03:33):
When automation is seen as an individual or team-specific responsibility rather than as a centrally managed function,
entropy is inevitable.

This results in a typical snowball of inefficiencies that harm productivity and weaken the company’s overall security posture (03:42):
Teams or individual users create their own version of scripts and workflows.
These workflows lack proper documentation, version control, standardization, or accountability.
Over time, conflicting automation methods emerge across departments,

(04:06):
and undocumented scripts go under the radar.
When something goes wrong, no one knows which script version should be restored.
This is an unproductive state of affairs which becomes increasingly likely as businesses grow,
in addition to compounding the severity of disruption in the case of an attack.

When attackers strike, how do you respond?

(04:28):
Due to the fundamentally decentralized nature of your automation strategy,
your team faces increased challenges in identifying,

tracking, and neutralizing a security breach when things go wrong (04:37):
1. Lack of Omniscient, Real-Time Visibility.
Logs are dispersed across different machines, servers,
or cloud storage folders, and there is no comprehensive,
real-time overview of PowerShell usage across the business.

(04:57):
2. Delayed Incident Response.
As a result of the above, IT security teams are forced to investigate malicious activity manually,
slowly, and after the fact, by which time it could be too late.
3. No Clear Ownership.
When undocumented automation scripts go under the radar,
it can be difficult to determine where to find them in the logs,

(05:20):
and who was responsible for executing them.
The result is a costly delay in responses to breaches or execution failures,
and huge headaches for the teams in charge of identifying the cause,
mitigating the disruption, and repairing the damage.
During this time, the knock-on effect on the rest of the business is dire.
Key infrastructure is down, and teams across the business are prone to SLA breaches,

(05:45):
project delays, increased workloads, and audit failures.
Meanwhile, the business as a whole suffers from downtime costs,
reputational damage, and potential penalties from falling foul of data protection regulations.
Preventing this situation is not just a technical problem, but an organizational one.
It must be solved at the foundation of your automation strategy,

(06:08):
and not just in your cybersecurity policy.
As recent attacks show, effective centralized oversight is not an option,
but a necessity, for ensuring the resilience, productivity,
and reliability of your long-term IT strategy.

Centralized Oversight – The Spine of a Resilient IT Team.

(06:28):
A centralized approach to Microsoft automation transforms it from a useful time-saving tool for individual teams into a company-wide productivity platform — one where every workflow is guaranteed to be accountable,
compliant with regulations, and optimized for productivity.

The following are characteristics of a centralized approach to Microsoft automation that we suggest are key to preventing security breaches and minimizing disruption when they do occur (06:46):
1. Unified Oversight Across All Automations.
Every automation is created and executed from a central command hub.
This ensures total oversight over automation workflows throughout the business, with no blind spots.

(07:12):
2. Pre-Execution Validation.
Automation scripts are scanned, logged, and policy-checked before they run,
stopping malicious commands disguised as routine IT tasks from ever being executed.
Standardized, pre-approved script libraries can be set up to eliminate shadow automation and allow for seamless self-service use when required.

(07:34):
3. Defined Roles and Access Policies.
Rather than managing user permissions on an ad-hoc basis,
these can easily be tied to specific workflows and job functions through an intuitive interface.
This reduces entry points for attackers and allows for total accountability.
4. Fast Forensic Analysis. Suspicious executions are flagged in real time.

(07:59):
IT teams can easily trace an attack from start to finish and take mitigating action immediately.
This cuts forensic response time from days to minutes, radically reducing disruption caused.
The benefits of these four characteristics are felt not only in security but in the overall productivity of Microsoft automations in modern IT infrastructure.

A Final Thought for Strategic IT Leaders (08:23):
Be Proactive vs Reactive.
Throughout this article, we’ve hinted at the need to be proactive instead of reactive.
Knowing that security breaches are inevitable, IT leaders must take steps not only to prevent them,
but also to minimize the potential disruption and costs that they can cause if they get through.

(08:46):
As cyber threats evolve, so must our approach to defending against them.
Microsoft automation is no longer just a nice-to-have time-saving activity for IT professionals;
it must be a strategic approach that requires the same governance as any other critical infrastructure in a business.
An effective centralized governance framework established at the foundation of your automation strategy ensures that every base is covered before an attack comes in,

(09:13):
and that you’re back on your feet as soon as possible after the threat has been neutralized.

The message from recent attacks is clear (09:17):
If you don't control your automations, someone else will.
Set your system up to win in advance.