It’s been a difficult year for Microsoft when it comes to cybersecurity, with the tech giant experiencing a number of security incidents linked to its products in recent months.
First, Russian government-backed hackers were able to break into Microsoft corporate email accounts and steal US government emails. In 2023, an attack carried out by a Chinese government-backed group compromised Microsoft Exchange Online mailboxes, including those of Commerce Secretary Gina Raimondo, US Ambassador to China R. Nicholas Burns, and Congressman Don Bacon.
The company insisted at the time that security was its top priority, but now it has provided an update on the progress of its Secure Future Initiative (SFI), a program launched in November 2023 to advance Microsoft’s cybersecurity protections.
Learning from the past to protect the future
Microsoft’s SFI update outlines the progress it’s making to “put security above all else,” including governance updates, a new upskilling program, employee security reviews, and how Redmond is addressing its core pillars of cybersecurity.
Microsoft strengthened its governance last year by establishing a Cybersecurity Governance Council, composed of a deputy chief information security officer (CISO) who regularly reviews all aspects of cybersecurity, including risk, compliance and defense.
It also links executive compensation to security performance to increase accountability and to motivate executives to focus on avoiding mistakes and improving on past performance. Additionally, the company has introduced a Security Skills Academy to provide employees with new cybersecurity skills and knowledge.
With regard to Microsoft’s six key cybersecurity pillars, the company took steps to improve protection of identities and secrets by strengthening token management and phishing resistance in its access management solution, Microsoft Entra ID. Tenant and operational protection was strengthened by streamlining app lifecycle management and by removing inactive tenants to reduce the attack surface.
Network protection has been improved by isolating specific virtual networks with back-end connectivity to reduce the possibility of lateral movement, and management rules for Azure Storage, SQL, Cosmos DB, and Key Vault have been strengthened to help customers ensure security.
Under the SFI, 85% of Microsoft’s production build pipelines for the commercial cloud now use centralized management. The initiative also shortened the lifetime of personal access tokens to seven days, reduced the number of elevated roles that have access to engineering systems, and introduced checks into the software development cycle.
Threat detection and monitoring has been streamlined with the introduction of standardized security audit logs and centralized log management covering 99% of network devices.
Finally, Microsoft is working to update its processes to increase transparency and reduce time to mitigate Common Vulnerabilities and Exposures (CVEs) across its cloud infrastructure, as well as establishing a Customer Security Management Office to improve communication with customers during security incidents.
“The work we’ve done so far is just the beginning. We know cyber threats will continue to evolve, and we must evolve with them,” said Charlie Bell, executive vice president of Microsoft Security.
“By fostering a culture of continuous learning and improvement, we will build a future where security is a foundation, not just a feature.”