Microsoft to hold top execs accountable for cybersecurity
What you need to know
- Microsoft has highlighted several measures it’s taking to resolve its cybersecurity-related issues.
- The Redmond giant will hold top executives accountable for cybersecurity, by tying a portion of their compensation packages to meeting security goals and metrics.
- It also plans to accelerate its response time and remediation when handling security issues.
Over the past few months, Microsoft has been placed under fire for its “cascade of security failures” coupled with anti-competitive cloud business practices. Speculations looming in the air indicate government institutions and large organizations are overreliant on Microsoft’s cloud services, forcing them to overlook the cybersecurity threats negatively impacting their services.
“Security underpins every layer of the tech stack, and it’s our No. 1 priority,” Microsoft CEO Satya Nadella indicated during the company’s recent earnings call. “We are doubling down on this very important work, putting security above all else, before all other features and investments.”
Satya Nadella’s plans for its cybersecurity department are seemingly taking shape. In a new blog post, Microsoft highlighted the measures it is taking to bolster security across its services and products, including protecting identities and secrets, monitoring and detecting threats, and more. But perhaps more importantly, the company is working towards accelerating its response time when security issues are flagged and remediation.
Interestingly, Microsoft plans to hold top executives accountable for cybersecurity. Moving forward, a section of their compensation packages will be tied to achieving set security goals.
According to Microsoft’s executive vice president of security, Charlie Bell:
“We will instill accountability by basing part of the compensation of the company’s Senior Leadership Team on our progress in meeting our security plans and milestones. We are also taking major steps to elevate security governance, including several organizational changes and additional oversight, controls, and reporting.”
Hackers are on Microsoft’s case
“Leveraging its dominance in productivity software, Microsoft restricts choice and inflates costs as European customers look to move to the cloud, thus distorting Europe’s digital economy,” indicated trade group CISPE while lodging complaints about Microsoft’s anti-competitive cloud business to the EU.
In the past few months, Microsoft has faced two major cyberattacks. The first incident was instigated by a hacker group, Midnight Blizzard. Its deceitful ploy granted them access to confidential emails between Microsoft and its clients.
The second encounter involved the Russian hacker group, Nobelium. Reports indicate the attack was designed to allow the hackers to access emails belonging to top Microsoft executives. It’ll be interesting to see how Microsoft’s newly imposed rules and regulations will impact its cybersecurity department and potentially resolve the security issues riddling the company.