Microsoft's Major Security Transformation Revealed in New Report
Microsoft's Security Overhaul
In response to past criticisms and a scathing report from the US Cyber Safety Review Board, Microsoft has made significant strides in transforming its security culture. The company launched its Secure Future Initiative (SFI) in November 2023, mobilizing the equivalent of 34,000 engineers dedicated to cybersecurity efforts.
Every employee is now evaluated on their security contributions, with performance reviews directly linked to security efforts. Recent upgrades include improvements to Entra ID and automated management of access tokens using Azure hardware security modules.
Key Improvements
- Enhanced Compliance: Microsoft now tracks over 99% of its physical network for compliance and logging, retaining audit logs for two years.
- New Standards Implemented: Microsoft has adopted a Start Right, Stay Right, and Get Right approach to ensure adherence to security protocols.
- Dedicated Leadership: A new Cybersecurity Governance Council has been established, with 13 deputy CISOs appointed to spearhead security initiatives.
These steps demonstrate Microsoft's commitment to transparency and enhancing its security landscape while fostering a culture of continuous learning.
This article was prepared using information from open sources in accordance with the principles of Ethical Policy. The editorial team is not responsible for absolute accuracy, as it relies on data from the sources referenced.