Microsoft Will Hold Executives Accountable for Cybersecurity
Microsoft will make organizational changes and hold senior leadership directly accountable for cybersecurity as part of an expanded initiative to bolster security across its products and services.
Microsoft’s executive vice president of security, Charlie Bell, announced the plans in a blog post last week that appeared designed to reassure customers and the US government of the company’s commitment to advancing cybersecurity in the face of a rapidly evolving threat landscape.
Instilling Accountability
“We will instill accountability by basing part of the compensation of the company’s Senior Leadership Team on our progress in meeting our security plans and milestones,” Bell said. “We are also taking major steps to elevate security governance, including several organizational changes and additional oversight, controls, and reporting.”
The new measures include adding a deputy CISO to each product team, having the company’s threat intelligence team report directly to the enterprise CISO, and having engineering teams from across Microsoft Azure, Windows, Microsoft 365, and security groups work together on security.