How does Microsoft manage Cyber Security Culture?

Analysing Microsoft's SFI report

Posted by Oliver B on October 03, 2024 · 4 mins read

“In November 2023, Microsoft announced the Secure Future Initiative (SFI) to address the increasing scale, speed, and sophistication of cyberattacks”


Introduction

As cyber attacks across the world increase in sophistication, companies need to constantly improve and innovate in order to defend against them. However, this doesn’t just include technical controls. Cyber culture and strong overall board direction are just as important to guide secure development, testing and deployment of your business’s services. Leading the way in these initiatives is Microsoft, who are running a scheme known as the Secure Future Initiative (SFI). This details their commitment to security and how important it is in the modern day and age. Let’s take a look into what their progress report means for the end user.

Secure by Design, Secure by Default

One of the main pillars of the report is Secure by Design (SbD). This is a process that aims to replace the cyber accreditation process to make sure systems being developed are secure. SbD aims to implement security features from the start of development, rather than having the system accredited at the end of the development process. This means that applications and systems that are developed are inherently secure and are less likely to be vulnerable to attack, as things that would have been missed in the accreditation have been considered and avoided from the start.

Secure by Default follows a similar process that affects the end user. Instead of deploying an application with weak or no default settings (such as not enabling Multi Factor Authentication (MFA)), systems will have them on by default to ensure the user’s data and cyberspace is more secure.

Cyber Security Culture

Cyber security culture is very difficult to define and implement as it isn’t something that can be programmed into an application. It is about generating awareness and understanding of cyber security and its significance in the workplace. In their report, Microsoft states that they have dedicated over 30,000 of their engineers to security, to ensure that their products are suitably secure. This kind of clear and definitive action from the senior leaders in Microsoft will show the employees that security is a priority, and help them to understand why it is so important. The CEO has also declared that security is the company’s number 1 priority, which further demonstrates how critical security is for a modern company, and that it shouldn’t just be an afterthought.

To take this a step further, it has been incorporated into the performance reviews of Microsoft’s employees. This shows that they are not just taking a general interest in cyber and security, but are putting it at the core of their business’ operations.

Other Key Principles

Alongside these key points, they have implemented 6 key principles within culture and governance. They are:

  • Protect identities and secrets, to reduce the chance and impacts of breaches related to access
  • Protect tenants and isolate production systems, to keep users and developers secure when creating and using applications
  • Protect networks, to reduce the chance of network footholds and pivoting
  • Protect engineering systems, to keep the business operating
  • Monitor and detect threats, to ensure attacks are spotted when they occur
  • Accelerate response and remediation, to reduce the impact of malicious events on the business

Conclusion

Overall, this report shows that Microsoft is serious about security. To check it out, click here. Thanks for reading.

“At Microsoft, we recognize our unique responsibility in safeguarding the future for our customers and community.”