Expanding Microsoft’s Secure Future Initiative: A Commitment to Cybersecurity

Expanding Microsoft’s Secure Future Initiative: A Commitment to Cybersecurity

In an era where cyber threats are evolving at an unprecedented pace, Microsoft is taking a bold step forward with the expansion of its Secure Future Initiative (SFI). Launched last November, SFI aims to prepare for the increasing scale and high stakes of cyberattacks by bringing together every part of Microsoft to advance cybersecurity protection across our company and products.

Security Above All Else

As highlighted by Charlie Bell, Executive Vice President of Microsoft Security, the recent findings by the Department of Homeland Security’s Cyber Safety Review Board (CSRB) regarding the Storm-0558 cyberattack and the Midnight Blizzard attack underscore the severity of the threats facing our company and our customers. Microsoft plays a central role in the world’s digital ecosystem, and this comes with a critical responsibility to earn and maintain trust. We must and will do more.

Guiding Principles and Expanded Scope

Going forward, our work will be guided by three security principles:

1. Secure by Design: Security comes first when designing any product or service.
2. Secure by Default: Security protections are enabled and enforced by default, require no extra effort, and are not optional.
3. Secure Operations: Security controls and monitoring will continuously be improved to meet current and future threats.

We are further expanding our goals and actions aligned to six prioritized security pillars, providing visibility into the details of our execution. These pillars include protecting identities and secrets, reducing the risk of unauthorized access, and strengthening identity standards.

A Unified Approach to Cybersecurity

The Secure Future Initiative is not just a commitment; it is a comprehensive approach to ensuring that our cybersecurity measures are robust and adaptive to the evolving threat landscape. By integrating the recent recommendations from the CSRB and our learnings from Midnight Blizzard, we are mobilizing the expanded SFI pillars and goals across Microsoft. This initiative will also be a dimension in our hiring decisions, and we will instill accountability by basing part of the compensation of the company’s Senior Leadership Team on our progress in meeting our security plans and milestones.

Join Us in Building a Secure Future

As we continue to navigate the complexities of the digital age, Microsoft remains steadfast in its commitment to cybersecurity. We invite you to join us in this journey to build a secure future for all.

Credit: Charlie Bell, Executive Vice President, Microsoft Security