The security presentation by Michael Sampson was very basic, he went on for about 20 minutes about various different types of Phising emails, the level of the audience really didn’t need that level of information. When I asked a question at the end other presenters were happy to come back to me with answers where as Michael didn’t seem overly concerned to answer my question.

Ouch.

That was the (only) comment I received after presenting on Safeguarding the Digital Workplace at the conference in Auckland last month. I clearly misjudged the audience and the level of the content that I needed to present. There were reasons that I designed the deck in the way I did, but if that comment was reflective of the overall audience, what I prepared was built on a shaky foundation. I will need to re-think my approach.

And in terms of the question that I failed to answer, it was because [1] it was about something I hadn’t even talked about in my session, and [2] I assumed the questioner would just look it up themselves. And [3] I was already way over time – due to bad time flow on my behalf. But the questioner is right: I could have and should have done more to answer the question, whether in the session or afterwards. 

The question was: can I run Windows Defender and another anti-virus program at the same time on my PC? The answer, it appears, is “it depends – sort of – if you must – with some limitations.” For example:

• Windows Defender and Malwarebytes – a second anti-malware program will disable Windows Defender; one anti-malware program is enough.
• Windows Defender and Malwarebytes – the free version of Malwarebytes Anti-Malware only runs on-demand, so it is not a scheduled task, and therefore can run alongside Windows Defender.
• Windows Defender and Avast Anti-Virus – Windows Defender is good enough without needing Avast; Windows Defender should be more than adequate for home and small business users, etc.
• Windows Defender and Norton – it’s possible but not necessary. Just choose one.

For the record, I don’t have a second anti-virus or anti-malware application running on my Windows 10 devices.

And yet, in terms of whether you should or not, I’d be looking wider for a protection strategy that:

• Offers advanced threat protection, such as Office 365 Advanced Threat Protection with Safe Links and Safe Attachments to address post-delivery weaponisation and emergent threats.
• Includes device status roll-up to a security administrator, for analysing the status of endpoints to detect and rectify weird behaviour. For example, Microsoft Defender Advanced Threat Protection.
• Reinforces good user behaviour through awareness training, reporting of potential threats, and focused protection based on infection simulations.

I used to complain to James when we were speaking at conferences together if no one told me how I could improve what I presented – and James became very adept at giving me some great pointers. The above comment wasn’t from James, but to whomever wrote it – thank you. I value it greatly and will re-think my approach to that deck and message – and yes – how I handle questions.