For over a decade, nation-state threat actors have consistently targeted university Active Directory (AD) environments, often with far-reaching consequences. As the threat landscape evolves, so too must our defenses. This session presents a forward-looking roadmap for strengthening AD security in 2025, with a focus on preventing lateral movement and privilege escalation. Attendees will gain practical guidance on implementing Protected Workstations, Privileged Identity Management (PIM), and building an effective monitoring and alerting framework to detect and respond to modern threats. Whether you're beginning your AD security journey or refining an existing approach, this talk will provide actionable insights tailored for the unique challenges of higher education.

Sign up here: https://www.synapticcyber.com/speaker-series/activedirectory

Explore trends in ransomware, phishing, and supply chain attacks.
Unique higher-ed challenges (open networks, BYOD, decentralized IT)

Tactics for embedding security into academic freedom
Awareness campaigns, threat modeling for researchers, etc.

Live simulated IR walkthrough — roles, decisions, escalation
Cross-departmental coordination (IT, Legal, Comms, Admin)

Identity governance across students, faculty, researchers
Lessons from integrating with InCommon/eduGAIN

Endpoint Detection & Response (EDR), patching strategies
Securing Google Workspace / O365 / AWS / academic compute clusters

Coordinating scanning and remediation across decentralized and shadow IT

Interactive session with legal teams or privacy officers
Real-world scenarios and conflict resolution

Hands-on workshop reviewing and updating outdated policy documents
Focus on making policy useful, accessible, and enforceable

Realistic use cases for AI in higher-ed security: triage, detection, automation
Limitations, hallucinations, and where human judgment still rules
Tools, trends, and how to experiment responsibly