Microsoft outlines security principles and goals tied to executive compensation packages, following a scathing US Cyber Safety Review Board report in April 2024
expanding Microsoft's Secure Future Initiative Tom Warren / The Verge : Read Satya Nadella's Microsoft memo on putting security first Tom Krazit / Runtime : Microsoft wants to be judged on security Andrew Cunningham / Ars Technica : Microsoft ties executive pay to security following multiple failures and breaches Todd Bishop / GeekWire : Internal memo: Microsoft CEO Satya Nadella delivers a new mandate on security David Jones / Cybersecurity Dive : Microsoft restructures security governance, aligning deputy CISOs and engineering teams The Official Microsoft Blog : Prioritizing security above all else Sam Sabin / Axios : Microsoft cracks down on security after attacks Maria Deutscher / SiliconANGLE : Microsoft details broad plan to enhance its cybersecurity practices Matt Milano / WebProNews : Microsoft Pivots to ‘Security Above All Else’ Ryan Naraine / SecurityWeek : Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report Laurent Giret / Thurrott : Microsoft Says it's Making Security its “Top Priority” TechRadar : Microsoft adds more security chiefs following recent cyberattacks Thom Holwerda / OSnews : Microsoft overhaul treats security as ‘top priority’ after a series of failures Michael Kan / PCMag : Microsoft Pledges to Make Security a ‘Top Priority’ After Recent Hacks John Callaham / Neowin : Microsoft officially says it is “making security our top priority” from now on Eliasgroll / CyberScoop : Microsoft organizational changes seek to address security failures Todd Bishop / GeekWire : Microsoft will base part of senior exec comp on security, add deputy CISOs to product groups Elizabeth Montalbano / CSO : Microsoft continues to add, shuffle security execs in the wake of security incidents Stephen E. Arnold / Beyond Search : Microsoft: Security Debt and a Cooked Goose Mastodon: Alex Gantman / @againsthimself@ioc.exchange : Microsoft's deja-vu security moment. — Nadella, 2024: “If you're faced with the tradeoff between security and another priority, your answer is clear: Do security.” — https://www.theverge.com/... Gates, 2002: “So now, when we face a choice between adding features and resolving security issues, we need to choose security.” … X: @msftsecurity : We're putting security above all else at Microsoft by expanding the Secure Future Initiative—our commitment to delivering solutions that meet the highest possible security standards. Learn more: https://www.microsoft.com/... #SecureByDesign #CloudSecurity Tom Warren / @tomwarren : scoop: Microsoft CEO Satya Nadella wants employees to never make a security tradeoff, even if it means dropping legacy support. “If you're faced with the tradeoff between security and another priority, your answer is clear: Do security.” Full memo here👇 https://www.theverge.com/... David O'Brien / @david_obrien : I understand why Microsoft is using the language they are using in their latest Secure Future Initiative article ( https://www.microsoft.com/...), but I can only wonder how “100%” all those “100%” can actually be in reality. Eric Geller / @ericgeller : In a new update on its Secure Future Initiative, Microsoft says it will base senior leadership compensation partly on progress toward security goals, empower its CISO, add new deputy CISOs overseeing key tasks, and hold regular executive and board reviews. https://www.microsoft.com/... [image] Frank McGovern / @frankmcg : Microsoft and @satyanadella have released a memo in response to the @CISACyber report about them. Priority and clear lines that say security is above features and legacy technology support. Something I called out below that they should adjust from. 👏🏼 https://www.theverge.com/... @cisagov : Earlier this year the CSRB recommended actions that @Microsoft should take to mitigate risk following a MS Online Exchange intrusion. We commend today's updates & look forward to working with Microsoft to advance towards a more secure future! https://www.theverge.com/... Mark Russinovich / @markrussinovich : Security has always been a top priority for Azure and Microsoft but now it's THE top priority: Justin Elze / @hackinglz : I'm interested to see how this works when security also generates revenue. It is definitely going to be an interesting balance. “Read Satya Nadella's Microsoft memo on putting security first” https://www.theverge.com/... [image] John Lambert / @johnlatwc : Thankful to the CSRB for their careful thought and recommendations and the spirit of learning from incidents. Sherrod DeGrippo / @sherrod_im : “If you're faced with the tradeoff between security and another priority, your answer is clear: Do security” — Satya Nadella, CEO Microsoft, May 3, 2024. https://www.microsoft.com/... Paul Thurrott / @thurrott : Microsoft, 2002: “Secure by design, secure by default” Microsoft, 2024: “Secure by design, secure by default” Microsoft, between those announcements: “Tee-hee-hee” Vasu Jakkal / @vasujakkal : Today we are expanding and increasing our Secure Future Initiative - making it every @Microsoft employees' top priority. Security is of the utmost importance, especially in today's ever-evolving threat landscape, and we must all do our part to keep our customers & world safe.🩷 Jen Easterly / @cisajen : Great to see this direction from the very top. @CISAgov looks forward to continuing to work closely w/@Microsoft to ensure a #securebydesign software ecosystem. Kudos to @DHSgov's Cyber Safety Review Board for helping drive change for a secure cyberspace. https://www.theverge.com/... Steve Stone / @stonepwn3000 : Lot of debate on how we got here, but I think Microsoft deserves credit for making security part of every employee's role and also tying executive compensation to security improvements. Those are bold pivots. https://www.theverge.com/... Tom Warren / @tomwarren : Microsoft is making security its #1 priority after a series of damaging attacks. The overhaul includes: • portion of leadership compensation based on security goals • deputy CISOs in each product team • engineering focused on security full details 👇 https://www.theverge.com/... LinkedIn: Antonio Hawkins : Announcing the massive expansion of our Secure Future Initiative ! — Our commitment to prepare and operationalize cybersecurity protections across … Roger Grimes : I applaud Microsoft's re-commitment to SECURITY FIRST. I believe it. But will Microsoft commit to only selling PHISHING-RESISTANT MFA, instead of pushing stuff that is easy to bypass?? … Rich Mogull : Finally! — This is exactly what I was hoping would happen, now we get to see if it pays off. I was originally skeptical of the Trustworthy Computing Initiative and I was proven wrong. … Najat Messaoud : As Microsoft plays a central role in the world's digital ecosystem, we're putting security above all else. … Forums: Hacker News : Microsoft overhaul treats security as ‘top priority’ after a series of failures r/technews : Microsoft overhaul treats security as “top priority” after a series of failures