Satya Nadella spoke about new unprecedented security measures in the company.
Microsoft CEO Satya Nadella said that the company is implementing new unprecedented measures to strengthen cybersecurity. The Cybersecurity Council recently completed an investigation into a major malicious operation, Storm-0558, discovered in the summer of 2023 and affecting many Microsoft customers. This incident prompted the corporation to review its internal policies.
Nadella stressed that Microsoft has a unique opportunity to create the most " reliable and secure technology platform for innovation worldwide." Recent events have demonstrated the seriousness of the threats facing the corporation and its customers, as well as the need to counter increasingly sophisticated hacking tricks.
Back in November last year, the company launched the Secure Future Initiative (SFI) program to strengthen the protection of new products and existing infrastructure. Now these rules will be finalized and will come into full force.
The SFI approach will be based on three key principles:
Security at the design stage: Ensuring cybersecurity will be the main requirement when developing any product or service.
Default security: All security features will be enabled by default, and no additional user actions will be required.
Secure operations: continuous improvement of control and monitoring measures to counter existing and new threats.
These principles will apply to the key areas of SFI: identity protection, tenant protection, isolation of production environments, protection of networks, engineering systems, threat monitoring, accelerated response and vulnerability correction. A detailed action plan for each of them, including recommendations from the Cybersecurity Council, has already been published.
If there is any conflict between security and other priorities, absolute preference will be given to security. This may also mean that the company will have to delay the release of some products or abandon outdated systems. Moreover, part of the remuneration of Microsoft's senior management team will now directly depend on success in the field of cybersecurity.
The SFI initiative involves not only technical, but also operational changes, continuous improvement, development of employees skills to counter increasing threats, as well as closer interaction with public and private organizations. Nadella said that ensuring security is a "team effort," and speeding up the SFI program is becoming an absolute priority for all Microsoft departments.
Microsoft CEO Satya Nadella said that the company is implementing new unprecedented measures to strengthen cybersecurity. The Cybersecurity Council recently completed an investigation into a major malicious operation, Storm-0558, discovered in the summer of 2023 and affecting many Microsoft customers. This incident prompted the corporation to review its internal policies.
Nadella stressed that Microsoft has a unique opportunity to create the most " reliable and secure technology platform for innovation worldwide." Recent events have demonstrated the seriousness of the threats facing the corporation and its customers, as well as the need to counter increasingly sophisticated hacking tricks.
Back in November last year, the company launched the Secure Future Initiative (SFI) program to strengthen the protection of new products and existing infrastructure. Now these rules will be finalized and will come into full force.
The SFI approach will be based on three key principles:
Security at the design stage: Ensuring cybersecurity will be the main requirement when developing any product or service.
Default security: All security features will be enabled by default, and no additional user actions will be required.
Secure operations: continuous improvement of control and monitoring measures to counter existing and new threats.
These principles will apply to the key areas of SFI: identity protection, tenant protection, isolation of production environments, protection of networks, engineering systems, threat monitoring, accelerated response and vulnerability correction. A detailed action plan for each of them, including recommendations from the Cybersecurity Council, has already been published.
If there is any conflict between security and other priorities, absolute preference will be given to security. This may also mean that the company will have to delay the release of some products or abandon outdated systems. Moreover, part of the remuneration of Microsoft's senior management team will now directly depend on success in the field of cybersecurity.
The SFI initiative involves not only technical, but also operational changes, continuous improvement, development of employees skills to counter increasing threats, as well as closer interaction with public and private organizations. Nadella said that ensuring security is a "team effort," and speeding up the SFI program is becoming an absolute priority for all Microsoft departments.
