1 week ago
152
Microsoft CEO Satya Nadella said that his company will focus increasingly on security and overhauling processes related to the same after many products of the firm have been reportedly hit by high-profile hacking attempts. Reports in the last few weeks suggested that the leadership in the company is worried about the security of its products and Satya Nadella said in the company's latest quarterly earning call with investors that Microsoft is prioritising security above new products and services.
Satya Nadella speaks during the "Microsoft Build: AI Day" event in Bangkok, Thailand.(Reuters) Read more: India contains ‘unexplored’ opportunities, will see in future: Warren Buffett
Read Satya Nadella's memo to Microsoft employees here:
Satya Nadella wrote in the memo, "Today, I want to talk about something critical to our company’s future: prioritizing security above all else.
Unlock exclusive access to the latest news on India's general elections, only on the HT App. Download Now! Download Now!
Microsoft runs on trust, and our success depends on earning and maintaining it. We have a unique opportunity and responsibility to build the most secure and trusted platform that the world innovates upon.
The recent findings by the Department of Homeland Security’s Cyber Safety Review Board (CSRB) regarding the Storm-0558 cyberattack, from summer 2023, underscore the severity of the threats facing our company and our customers, as well as our responsibility to defend against these increasingly sophisticated threat actors.
Read more: Refractory Shapes IPO opens for subscription today: Check price, GMP, details
Last November, we launched our Secure Future Initiative (SFI) with this responsibility in mind, bringing together every part of the company to advance cybersecurity protection across both new products and legacy infrastructure. I’m proud of this initiative, and grateful for the work that has gone into implementing it. But we must and will do more.
Going forward, we will commit the entirety of our organization to SFI, as we double down on this initiative with an approach grounded in three core principles:
• Secure by Design: Security comes first when designing any product or service.
• Secure by Default: Security protections are enabled and enforced by default, require no extra effort, and are not optional.
• Secure Operations: Security controls and monitoring will continuously be improved to meet current and future threats.
Read more: Winsol Engineers IPO opens today with price band at ₹71-75 per share: Details
These principles will govern every facet of our SFI pillars as we: Protect Identities and Secrets, Protect Tenants and Isolate Production Systems, Protect Networks, Protect Engineering Systems, Monitor and Detect Threats, and Accelerate Response and Remediation. We’ve shared specific, company-wide actions each of these pillars will entail - including those recommended in the CSRB’s report which you can learn about here. Across Microsoft, we will mobilize to implement and operationalize these standards, guidelines, and requirements and this will be an added dimension of our hiring and rewards decisions. In addition, we will instill accountability by basing part of the compensation of the senior leadership team on our progress towards meeting our security plans and milestones.
We must approach this challenge with both technical and operational rigor, and with a focus on continuous improvement. Every task we take on - from a line of code, to a customer or partner process – is an opportunity to help bolster our own security and that of our entire ecosystem. This includes learning from our adversaries and the increasing sophistication of their capabilities, as we did with Midnight Blizzard. And learning from the trillions of unique signals we’re constantly monitoring to strengthen our overall posture. It also includes stronger, more structured collaboration across the public and private sector.
Security is a team sport, and accelerating SFI isn’t just job number one for our security teams — it’s everyone’s top priority and our customers’ greatest need.
If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security. In some cases, this will mean prioritizing security above other things we do, such as releasing new features or providing ongoing support for legacy systems. This is key to advancing both our platform quality and capability such that we can protect the digital estates of our customers and build a safer world for all."
