In this Special Report, Chris Hughes uncovers the deep-seated cybersecurity challenges faced by Microsoft, exploring the company’s efforts to revamp its security culture and regain trust.
Highlights
00:19 — A Cyber Safety Review Board report covered the 2023 Microsoft Online Exchange Incident and found that Microsoft had avoidable errors. Microsoft is also a leader on the Known Exploited Vulnerability catalog from the Cybersecurity and Infrastructure Security Agency. This catalog shows known exploited vulnerabilities in the wild.
01:25 — This incident has garnered a lot of negative publicity for Microsoft, including from Congress. Industry security leaders have pointed out that Microsoft has tens of billions of security revenue and is often functioning as what they call both the arsonist and the fireman.
01:46 — This has led Microsoft to introduce the Secure Future Initiative that calls for the next evolutionary stage of Microsoft Security Development Lifecycle and emphasizes new engineering advances using AI-based cyber defenses. I moderated an RSA panel with Microsoft’s Bret Arsenault. He weighed in on how it’s excited about where this is headed.
02:22 — Additionally, Microsoft CEO Nadella released a memo internally about putting security first, doing the right thing, and, when facing choices, choosing security above everything else. It also even tied some executives’ compensation to security which is a new approach.
03:11 — This emphasizes, at least publicly, how seriously the organization is taking the situation that it’s in. What remains to be seen is if Microsoft will not just talk the talk, but walk the walk when it comes to bolstering their security.
The AI Ecosystem Q1 2024 Report compiles the innovations, funding, and products highlighted in AI Ecosystem Reports from the first quarter of 2024. Download now for perspectives on the companies, investments, innovations, and solutions shaping the future of AI.
