How Microsoft is securing our future
I am thrilled to share the latest edition of this newsletter from Bogotá, the beautiful capital of Colombia, where I'm presenting the Security keynote at the Microsoft AI Tour . It’s so wonderful to connect with our global customers and partners and celebrate the remarkable wonders of AI. I believe AI will elevate human potential across all facets and for that it has to start with trust. To that end, Microsoft has announced new capabilities in the Microsoft portfolio to enable customers in developing Trustworthy AI systems . These advancements will enable organizations to safely and responsibly tap into the potential of this revolutionary technology, keeping security, privacy and safety at the center.? ? Security is a team sport and in our ongoing commitment to secure and protect our customers, we recently collaborated with our amazing security partners at the Windows Endpoint Security Ecosystem Summit . The collective effort to prioritize user protection and security was truly inspiring, and the resulting plans will ensure our customers' technology remains safeguarded and resilient. I’m heartened by how our ecosystem is coming together to keep our customers and community safe.?
?
It’s hard to believe the summer is already gone! As we enter the transformative season of fall, we are wholeheartedly embracing the power of change. Just as transformation is constant in both nature and technology, we are taking this opportunity to evolve, adapt, and enhance our security strategies. In this era of innovation, I’m in awe of our team and the way they have adopted this mindset and have met the challenge of ensuring that we are putting security at the heart of everything we do.?
When Microsoft launched the Secure Future Initiative (SFI) last November, we announced a cross-company effort to prioritize a security first culture. Now, I am happy to share our SFI Progress Report discussing the changes to our company culture and governance, standards and principles, and our six major commitments:?
SFI is focused on prioritizing security above all else and Microsoft’s commitment to creating a safer digital ecosystem. It evolves how Microsoft?creates and operates our products and services based on Zero Trust principles to achieve the highest possible standards for security.??
?
Security is not a destination but a constantly changing landscape that requires continuous adaptation as threats evolve. We are changing the culture in several ways. Not only did we mobilize the equivalent of 34,000 full time engineers to achieve our goals, but we added security as a core priority for all employees, tied our Senior Leadership Team’s compensation to security performance, and launched an internal Security Skilling Academy to offer curated training for all employees. And we introduced Deputy Chief Information Security Officers (Deputy CISOs) aligned with major product groups to ensure comprehensive security governance.?
I’m delighted to spotlight Ann Johnson , one of Microsoft’s Deputy CISOs and Corporate Vice President of Microsoft’s Customer Security Management Office. Ann has been in tech her entire professional career and has been in the cybersecurity industry for more than two decades. Her launch into the security space started at RSA with a fascination with RSA security tokens. Her willingness to learn this new-to-her space led to a successful career shift. In her new role as a Deputy CISO, she is responsible for helping drive faster, more transparent, and more detailed security engagements with customers.?
领英推荐
This company-wide focus has been key to the initiative’s success so far. Ann shares that her advice for other companies looking to commit to a security first stance is that, “You have to get the governance right and you have to get the culture right if you're going to do some type of wholesale change like this.” And now that we do, she and the other Deputy CISOs are working to keep security top of mind.?
Some strategies Ann shared for fostering a culture of cybersecurity awareness across organizations include consistent alignment on core priorities, making cybersecurity relatable to everyday experiences, and the importance of continuous education and engagement. That ongoing training and awareness, even for seasoned professionals, is important to maintain a high level of cybersecurity vigilance and knowledge.?
Ann adds, “It's not that we weren't doing security previously, it's just we didn't have the energy and focus of the entire company around it. So now that we do, we have to get the culture piece right, and we have to get the governance piece right and we have to keep things top of mind. If we don't, we'll start to lose the momentum that we have. I love the fact that we've put in place those core priorities, the additional training, the compensation levers, the Deputy CISOs who are going to drive governance, and the new risk processes. All of those things are going to keep the energy going in the right direction and keep the momentum going. We've already seen phenomenal progress in support of this effort. And we're going to continue seeing that.”?
?
Something that recently inspired me is the book Second Mountain by David Brooks. In the book David explores how to live a life of purpose and meaning sharing stories of extraordinary people who are doing that. It’s a deeply moving book.?
A quote I love: "We are born and reborn every day. The act of living, if we live with meaning, is a constant process of renewal.” — Octavio Paz?
?
Chairman, Partner, President & Board Member | ex-Marcus, Goldman Sachs; ex-Discover Card; Mastercard; Infostretch
1 个月Vasu Jakkal thanks for sharing these valuable insights!
Security Strategy Advisor | National Security | Corporate Security | Strategic Leadership in Crises | Physical Security | AI Trust, Risk & Security Management (AI TRiSM) | Technology Systems Recovery
1 个月Impressive!
CEO & Co-founder at Kovrr | Cyber Risk Quantification
1 个月The introduction of Deputy CISOs is brilliant. When employees across the organization see that there is an active figurehead working towards embedding cyber risk management into their respective departmental processes, not only does it increase awareness, but it shows that it's a top business priority. What's particularly powerful is that it's going to reshape the relationship between security and innovation, creating an environment where cyber is not an afterthought but a strategic business enabler, which, ultimately, accelerates the release and ensures the effectiveness of new solutions and updates. Huge kudos to Microsoft.
President @ R3 | Robust IT Infrastructures for Scaling Enterprises | Leading a $100M IT Revolution | Follow for Innovative IT Solutions ??
1 个月Really love what Microsoft is doing at the design stage to safeguard against future threats. Not a lot of people are considering the risks involved with new techs like AI and it's going to take a lot of trial and error before they can be used responsibly