Microsoft will take full ownership for security failures in House testimony
Cybersecurity Dive
|
Contributed by: Drex DeFord
Summary
Microsoft's Vice Chair and President, Brad Smith, testified before the U.S. House Committee on Homeland Security, accepting full responsibility for security failures highlighted by the Cyber Safety Review Board related to two significant state-linked cyberattacks. The attacks included a People's Republic of China breach into Microsoft Exchange Online, compromising 22 organizations, and a Russia-linked intrusion targeting senior executives. Criticized for prioritizing market speed over security, Microsoft now plans to enhance security measures, including linking executive compensation to security goals and hosting a CISA briefing. Smith acknowledged the increasing sophistication of nation-state cyber threats and emphasized the company's critical cybersecurity role.
