In this special report, Chris Hughes uncovers the deep-seated cybersecurity challenges facing Microsoft, exploring the company’s efforts to revamp its security culture and regain trust.
Strong points
00:19 — A report from the Cyber Safety Review Board covered the 2023 Microsoft Online Exchange incident and found that Microsoft made avoidable mistakes. Microsoft is also a leader in the Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerability catalog. This catalog presents exploited vulnerabilities known in the wild.
01:25 – This incident collected a lot of negative publicity for Microsoft, including Congress. Security industry leaders have pointed out that Microsoft generates tens of billions in security revenue and often acts as what they call both the arsonist and the fireman.
01:46 — This led Microsoft to introduce the Secure Future Initiative This calls for the next evolutionary stage of the Microsoft security development lifecycle and emphasizes new technical advancements using AI-based cyber defenses. I moderated a RSA panel with Bret Arsenault from Microsoft. He explained how excited he is about the direction this is taking.
02:22 — Plus, Microsoft CEO Nadella issued a memo internally, it’s about putting safety first, doing the right thing, and when faced with choices, choosing safety above all else. He even linked the remuneration of certain executives to safety, which constitutes a new approach.
03:11 — This underlines, at least publicly, how seriously the organization takes the situation it finds itself in. It remains to be seen whether Microsoft will not just talk the talk, but walk the talk when it comes to strengthening its security.
THE Q1 2024 AI Ecosystem Report compiles innovations, funding, and products highlighted in the Q1 2024 AI Ecosystem Reports. Download now for insights on the companies, investments, innovations and solutions shaping the future of AI.
