Microsoft is grappling with security challenges. Following a series of significant security setbacks in recent times, the tech firm now faces a scorching report from the Cyber Safety Review Board that says “Microsoft’s security culture was inadequate and requires an overhaul, particularly in light of the company’s centrality in the technology ecosystem and the level of trust customers place in the company to protect their data and operations.”
After conducting a deep fact-finding around the cybersecurity incidents, the Cyber Safety Review Board (CSRB) “concludes that this intrusion should never have happened. Storm-0558 was able to succeed because of a cascade of security failures at Microsoft, as outlined in this report.”
Throughout the review, the Board “identified a series of operational and strategic decisions that collectively point to a corporate culture in Microsoft that deprioritized both enterprise security investments and rigorous risk management.” These are the decisions that cost significantly and harm Microsoft customers around the globe. “The Board is convinced that Microsoft should address its security culture.”
Reacting to the reports, MSN quoted Microsoft CEO Satya Nadella's interview with Wired that changing the company’s mindset is important. He also considered a ‘culture change’ in the company and addressed the time to work beyond just blaming employees, while signifying the need to address the keys of security vulnerabilities in the company.
Addressing the possibility of layoffs within the company, the CEO responded with a cryptic remark: 'This is not about a witch hunt internally at Microsoft.' He also acknowledged the 'perverse incentives' that prioritize developing new products while often neglecting the security of existing ones. Microsoft SEO also regrated regressing “chase ambulances” culture that focuses on addressing the problem after it occurs.
In recent times, Microsoft has faced multiple prominent cybersecurity challenges. For instance, in July, a flawed update from the cybersecurity company CrowdStrike caused a widespread IT outage, affecting numerous Microsoft users worldwide.
Also, in March, Microsoft's security vulnerability was highlighted and was attacked by a Chinese hacking group named Storm-0588.
𝐒𝐭𝐚𝐲 𝐢𝐧𝐟𝐨𝐫𝐦𝐞𝐝 𝐰𝐢𝐭𝐡 𝐨𝐮𝐫 𝐥𝐚𝐭𝐞𝐬𝐭 𝐮𝐩𝐝𝐚𝐭𝐞𝐬 𝐛𝐲 𝐣𝐨𝐢𝐧𝐢𝐧𝐠 𝐭𝐡𝐞 WhatsApp Channel now! 👈📲
𝑭𝒐𝒍𝒍𝒐𝒘 𝑶𝒖𝒓 𝑺𝒐𝒄𝒊𝒂𝒍 𝑴𝒆𝒅𝒊𝒂 𝑷𝒂𝒈𝒆𝐬 👉 Facebook, LinkedIn, Twitter, Instagram
