In its report published this week, the Cyber Safety Review Board (CSRB) says that the June 2023 online breach by Chinese threat actors who accessed U.S. government emails right before Secretary of State Anthony Blinken was to visit China, was “preventable”.
“[The report] identified a series of Microsoft operational and strategic decisions that collectively pointed to a corporate culture that deprioritized enterprise security investments and rigorous risk management, at odds with the company’s centrality in the technology ecosystem and the level of trust customers place in the company to protect their data and operations,” the report says.
The CSRB urges Microsoft to develop and “publicly share” a plan with specific timelines to make fundamental, security-focused reforms across the company and its suite of products.
Blasts! Destroys! Shazam! Blam! Kapow!
BOOM! 💥
deleted by creator
Unfortunately, many, many users exist, for which trust is a function of “Have I heard of this company before?”…
deleted by creator
Nope. The publication date aside (2 April), DHS is not known for its sense of humor in any context.
And this is why I fight moving to the cloud constantly. They keep jacking prices too, so it is no longer cheaper to move infrastructure to the cloud except in certain scenarios.
What’s that mean when 80% of Congress can’t convert to PDF to save their lives?
That culture has been in Microsoft’s DNA since forever. A one-off reform will not fix this.