It’s been a challenging year for Microsoft in terms of cybersecurity. The tech giant has faced a series of serious security breaches involving its products, and there’s clear work to be done. Despite its status as a major player in the tech world, Microsoft has had to confront some significant incidents in recent months, including attacks on high-profile targets within the US government.
One of the most prominent breaches involved Russian state-sponsored hackers infiltrating Microsoft’s corporate email system to gain access to US government emails. Another attack in 2023, orchestrated by a Chinese state-backed group, breached Microsoft Exchange Online mailboxes. High-level figures were affected, including Commerce Secretary Gina Raimondo, US Ambassador to China R. Nicholas Burns, and Congressman Don Bacon.
Despite these setbacks, Microsoft remains committed to making cybersecurity its top priority. In its latest update, the company detailed its progress on the Secure Future Initiative (SFI), a programme launched in November 2023 to bolster its defences.
Learning from the past to protect the future
Microsoft’s recent progress report on the SFI highlights its steps to reinforce its focus on security. This initiative aims to “prioritise security above all else,” the update outlines several key actions. These include governance improvements, upskilling initiatives for staff, and comprehensive security reviews designed to strengthen Microsoft’s cybersecurity posture.
One of the company’s biggest moves over the past year has been the creation of a Cybersecurity Governance Council. This body is made up of Deputy Chief Information Security Officers (CISOs), who meet regularly to review cybersecurity risks, ensure compliance, and refine Microsoft’s defence strategies. Furthermore, executives now have their compensation linked directly to security performance. This measure is intended to encourage greater accountability and focus on minimising risks and avoiding the mistakes of the past.
Microsoft introduced the Security Skilling Academy to address the growing cybersecurity skills gap. This programme aims to equip employees with the latest knowledge and tools in cybersecurity, enabling them to play a more active role in defending the company against cyber threats.
Enhancing security across the board
Microsoft has also taken significant steps to address its six key pillars of cybersecurity. These include improvements to identity protection, better token management, and enhanced phishing resistance within its Microsoft Entra ID access management system. The company has also tightened tenant and production protection by streamlining app lifecycle management and reducing inactive tenants, thereby reducing the potential attack surface.
Network security has also seen major upgrades. By isolating certain virtual networks with limited backend connectivity, Microsoft aims to curb lateral movement within systems, making it harder for attackers to spread. Admin rules for Azure Storage, SQL, Cosmos DB, and Key Vault have also been improved, giving customers stronger tools to protect their data.
As part of the SFI’s achievements, 85% of Microsoft’s production build pipelines for commercial cloud now operate under centralised governance. To further enhance security, the lifespan of Personal Access Tokens has been slashed to just seven days, and new security checks have been introduced into the software development process. The company has also reduced the number of elevated roles that can access critical engineering systems.
When it comes to threat detection and monitoring, Microsoft has simplified its processes with the introduction of standardised security audit logs. Centralised log management now covers 99% of network devices, making it easier to detect and respond quickly to potential threats.
Looking ahead: a culture of continuous improvement
One key commitment in Microsoft’s SFI update is a renewed focus on transparency. The company has pledged to reduce the time it takes to address common vulnerabilities and exposures (CVEs) across its cloud infrastructure. Additionally, it has set up a Customer Security Management Office to improve communication with customers when a security issue arises.
Regarding Microsoft’s progress, Executive Vice President of Microsoft Security, Charlie Bell, commented, “The work we’ve done so far is only the beginning. We know that cyber threats will continue to evolve, and we must evolve with them. By fostering this continuous learning and improvement culture, we are building a future where security is not just a feature but a foundation.”
Microsoft’s journey to strengthening its cybersecurity defences is far from over. However, its steps under the Secure Future Initiative indicate a serious commitment to addressing past vulnerabilities and building a more secure future for its users.
