Security News Microsoft overhaul treats security as ‘top priority’ after series of failures

[vtqhtr413]

Content source

https://www.theverge.com/2024/5/3/24147883/microsoft-security-priority-executive-compensation-goals

Microsoft is making security its number one priority for every employee, following years of security issues and mounting criticisms. After a scathing report from the US Cyber Safety Review Board recently concluded that “Microsoft’s security culture was inadequate and requires an overhaul,” it’s doing just that by outlining a set of security principles and goals that are tied to compensation packages for Microsoft’s senior leadership team.

Last November, Microsoft announced a Secure Future Initiative (SFI) in response to mounting pressure on the company to respond to attacks that allowed Chinese hackers to breach US government email accounts. Just days after announcing this initiative, Russian hackers managed to breach Microsoft’s defenses and spy on the email accounts of some members of Microsoft’s senior leadership team. Microsoft only discovered the attack nearly two months later in January, and the same group even went on to steal source code.

Microsoft overhaul treats security as “top priority” after a series of failures

Microsoft outlines its security overhaul.

www.theverge.com

 

[TairikuOkami]

MS should stop forcing insecure passkeys. Recently one guy signed on a friend's PC and he can not get sign out. Changing password or revoking does nothing, because a passkey is above all.
I hate MS for forcing passkey on me, but it can not be disabled nor removed. Windows Hello = passkey. Passkey basically bypasses MFA, it is your device, it has to be you, even if it is not.