Hybrid Identity Protection Podcast·Dec 16, 2025·22m·Episode #84

Fixing Legacy AD Risk in a Hybrid World with Christopher Brumm, Cyber Security Architect at glueckkanja AG

Download audio Show notes Apple Podcasts Spotify

Show notes

This episode features Christopher Brumm, Cyber Security Architect at glueckkanja AG.

With 15+ years in IT security, Chris has worked across Microsoft’s security portfolio and beyond, moving from network and data-center defense into deep identity work with Active Directory and Entra ID. He’s now an identity SME, a GK Identity Community moderator, a frequent community speaker, and a regular writer on security and identity.

In this episode, Chris explores the limitations of Active Directory security and how Microsoft’s new Global Secure Access directly addresses those gaps. He breaks down how zero trust principles and granular controls work in practice, and why connecting on-prem servers to the cloud is now simpler and safer. Chris shows how this shift strengthens defenses by enforcing access through identity-first policies instead of outdated network-centric models.

This is a clear, field-tested walkthrough of why hybrid identity security needs a new playbook, and how Global Secure Access helps teams close the holes attackers rely on most.

Guest Bio

For over 15 years, Christopher Brumm has been immersed in IT security topics, possessing extensive knowledge and practical experience in the Microsoft Security Portfolio and beyond. Over the years, he has progressed from network and data center topics to Active Directory and Entra ID, delving deeper into identity security. Today, he is a Subject Matter Expert for Identity in the Security Team and a moderator of the GK Identity Community. He regularly speaks at community events and publishes blog posts on security and identity topics. Chris's latest passion is Global Secure Access, where the themes of identity, security, and networking converge to enable a comprehensive Zero Trust approach.

Guest Quote

“It’s not realistic to modernize protocols like Kerberos or SMB to support MFA and device compliance... but we have an option to control the network layer.”

Time stamps

01:07 Meet Christopher Brumm: Microsoft Security MVP and CISSP

02:00 The Hybrid Identity Attack Playbook

06:03 Active Directory vs. Entra ID: The Security Gap

09:02 Breaking Down Global Secure Access

11:58 What This Looks Like for Real Users

16:17 Bringing Zero Trust to the Network Layer

17:50 What You Need to Deploy Global Secure Access

20:48 Conclusion and Final Thoughts

Sponsor

The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world’s leading businesses, Semperis protects critical Active Directory environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more.

Links

Connect with Christopher on LinkedIn

Learn more about glueckkanja AG

Watch Christopher’s talk at HIPConf 2025

Connect with Sean on LinkedIn

Don't miss future episodes

Learn more about Semperis

← Previous

The Anatomy of Attack Path Management with Daniel Stefaniak, VP Architect - Cybersecurity and Identity at JPMorgan Chase

Inside HIP Conf 2025 with Guido Grillenmeier, Semperis Principal Technologist

This episode features Christopher Brumm, Cyber Security Architect at glueckkanja AG. With 15+ years in IT security, Chris has worked across Microsoft’s security portfolio and beyond, moving from network and data-center defense into deep identity work with Active Directory and Entra ID. He’s now an identity SME, a GK Identity Community moderator, a frequent community speaker, and a regular writer on security and identity. In this episode, Chris explores the limitations of Active Directory security and how Microsoft’s new Global Secure Access directly addresses those gaps. He breaks down how zero trust principles and granular controls work in practice, and why connecting on-prem servers to the cloud is now simpler and safer. Chris shows how this shift strengthens defenses by enforcing access through identity-first policies instead of outdated network-centric models. This is a clear, field-tested walkthrough of why hybrid identity security needs a new playbook, and how Global Secure Access helps teams close the holes attackers rely on most. Guest Bio For over 15 years, Christopher Brumm has been immersed in IT security topics, possessing extensive knowledge and practical experience in the Microsoft Security Portfolio and beyond. Over the years, he has progressed from network and data center topics to Active Directory and Entra ID, delving deeper into identity security. Today, he is a Subject Matter Expert for Identity in the Security Team and a moderator of the GK Identity Community. He regularly speaks at community events and publishes blog posts on security and identity topics. Chris's latest passion is Global Secure Access, where the themes of identity, security, and networking converge to enable a comprehensive Zero Trust approach. Guest Quote “It’s not realistic to modernize protocols like Kerberos or SMB to support MFA and device compliance... but we have an option to control the network layer.” Time stamps 01:07 Meet Christopher Brumm: Microsoft Security MVP and CISSP 02:00 The Hybrid Identity Attack Playbook 06:03 Active Directory vs. Entra ID: The Security Gap 09:02 Breaking Down Global Secure Access 11:58 What This Looks Like for Real Users 16:17 Bringing Zero Trust to the Network Layer 17:50 What You Need to Deploy Global Secure Access 20:48 Conclusion and Final Thoughts Sponsor The HIP Podcast is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world’s leading businesses, Semperis protects critical Active Directory environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more. Links Connect with Christopher on LinkedIn Learn more about glueckkanja AG Watch Christopher’s talk at HIPConf 2025 Connect with Sean on LinkedIn Don't miss future episodes Learn more about Semperis