What you need to know
- Microsoft highlighted several measures it is taking to resolve cybersecurity-related issues.
- The Redmond giant plans to hold executives accountable for cybersecurity by tying part of their compensation packages to achieving security goals and metrics.
- We also plan to improve response time and remediation when dealing with security issues.
Over the past few months, Microsoft has come under fire for a “chain of security failures” coupled with anti-competitive cloud business practices. Speculation has emerged that government agencies and large enterprises are overly reliant on Microsoft's cloud services, forcing them to overlook cybersecurity threats that are negatively impacting their services.
“Security underpins every layer of the technology stack, and it's our top priority,” Microsoft CEO Satya Nadella said on a recent earnings call. “We are committed to this very important initiative and are prioritizing security above all other capabilities and investments.”
Satya Nadella's plans for his cybersecurity division appear to be taking shape. In a new blog post, Microsoft highlighted the steps it's taking to strengthen the security of its services and products overall, including protecting identities and secrets and monitoring and detecting threats. But perhaps more importantly, the company is working to improve response times and remediation when security issues are flagged.
Interestingly, Microsoft plans to hold executives accountable for cybersecurity. From now on, part of the compensation package will be tied to achieving set security goals.
Charlie Bell, Microsoft's senior vice president of security, said:
“We will ensure accountability by basing a portion of our senior leadership team’s compensation on security plans and milestone achievement. We will also implement several organizational changes and additional oversight and management. We are taking significant steps to strengthen our security governance, including the “Security Governance'' report. “
Hacker takes charge of Microsoft lawsuit
Complaining to the EU about Microsoft's anti-competitive cloud practices, industry group CISPE said: “Microsoft is using its dominance in productivity software to limit options as European customers look to move to the cloud. “As a result, Europe's digital economy is being distorted.”
In the past few months, Microsoft has faced two major cyberattacks. The first incident was caused by the hacker group Midnight Blizzard. The deceptive ruse granted access to confidential emails between Microsoft and its customers.
The second encounter involved the Russian hacker group Nobelium. The attack was designed to give hackers access to the emails of Microsoft executives, the report said. It will be interesting to see how the new rules and regulations imposed by Microsoft affect the company's cybersecurity division and potentially solve the security issues plaguing the company.
