1 week Ago By Paul Thurrott
Microsoft today cited the progress it’s made with its Secure Future Initiative (SFI), allegedly the “largest cybersecurity engineering effort in history.” I’m going to call BS on that claim, since it didn’t halt development of its core software platforms, . But the marketing behind SFI, coming as it does during Microsoft’s mad rush to spread AI everywhere, is of course noteworthy.
And the firm seems to be sincere about doing better. “At Microsoft, we recognize our unique responsibility in safeguarding the future for our customers and community,” . “As a result, every individual at Microsoft plays a pivotal role to “prioritize security above all else.
” We’ve made significant progress in fostering a security-first culture.” Sign up for our new free newsletter to get three time-saving tips each Friday — get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift! Among that progress is the creation of a new Cybersecurity Governance Council and the appointment of Deputy Chief Information Security Officers (Deputy CISOs) for key security functions and all engineering divisions; these deputy CISOs staff the Cybersecurity Governance Council, are responsible for the company’s overall cyber risk, defense, and compliance, and report directly to CISO Igor Tsyganskiy.
Microsoft has also made security a core part of each employee’s annual performance review and launched a Security Skilling Academy to train employees to prioritize security in their daily work. The Microsoft senior leadership team now reviews SFI progress every week, and updates the company’s Board of Directors each quarter. And the SLT now has security performance directly linked to their compensation as well.
. As you may recall, in the wake of a string of cyberattacks, claiming for the umpteenth time that it was getting serious about security again. , at which point it expanded its focus to six key security pillars, again stressing that it was now “serious” about security.
And then happened this past summer, with , and . and other security players, but little came of it. Now, Microsoft is “reaffirming” its security commitment.
“The work we’ve done so far is only the beginning,” Mr. Bell concludes. “We know that cyberthreats will continue to evolve, and we must evolve with them.
By fostering this culture of continuous learning and improvement, we are building a future where security is not just a feature, but a foundation.” Paul Thurrott is an award-winning technology journalist and blogger with 30 years of industry experience and the author of 30 books. He is the owner of and the host of three tech podcasts: with Leo Laporte and Richard Campbell, , and with Brad Sams.
He was formerly the senior technology analyst at Windows IT Pro and the creator of the SuperSite for Windows from 1999 to 2014 and the Major Domo of Thurrott.com while at BWW Media Group from 2015 to 2023. You can reach Paul via , or .
Join the crowd where the love of tech is real - become a Thurrott Premium Member today! Sign up for our new free newsletter to get three time-saving tips each Friday.
