Kevin Beaumont
Microsoft's CEO has emailed the company telling everybody to prioritize security. My thoughts, which 4 people will read.
https://doublepulsar.com/breaking-down-microsofts-pivot-to-placing-cybersecurity-as-a-top-priority-734467a8db01
Breaking down Microsoft’s pivot to placing cybersecurity as a top priority

Recently, Microsoft had quite frankly a kicking from the US Department of Homeland Security over their security practices in a Cyber Safety Review Board report. I’ve tried to keep as quiet as…

DoublePulsar
May 3, 2024 at 8:57pmWeb
Show threadnobodyMay 3, 2024
@GossiTheDog Well... 5 people. I regularly send links to your posts to my coworkers. so perhaps 6? :)
Show threadAdrian SanabriaMay 3, 2024
@Rajiv @GossiTheDog it's going into the next news segment of my podcast, so maybe add another few thousand to that
Show threadwasabi brainMay 3, 2024
@GossiTheDog I don’t know how Microsoft can reconcile this posture of security is everyone’s most important job with their attempt to shoehorn genAI into everything. Since GenAI is fundamentally not deterministic I don’t know how you can secure the data it’s using
Show threadsecureisdMay 3, 2024
@GossiTheDog That is a brilliant longread. And does give real hope for the future. It sounds like that email will indeed arm those who have the will and capability to do the right thing, to smack over the head anyone who resists
Show threadAdrian SanabriaMay 3, 2024

@GossiTheDog curious about how a few of my observations hit you:

  • I liked that the CSRB didn't just look at Microsoft and said "do better" - they looked at Microsoft, AWS, GCP, and even Oracle - and then said "do better"
  • I suspect this CSRB report was a huge help to Microsoft - shifting priorities towards non-revenue producing activities isn't easy, but it's MUCH easier to justify to your board and shareholders with this CSRB report from the USGov in hand.
    • Show threadMarcus AdamsMay 3, 2024
    @GossiTheDog The crazy thing is that the engineers who work on open source projects "seem" to be reasonably talented folks. Like the guy who found the back door in SSH because it took a half second longer than normal to authenticate. When it comes to Windows though it just seems like a complete clusterfuck.
    Show threadBrian ClarkMay 3, 2024
    @GossiTheDog your right!
    Show threadI love this, so IMay 3, 2024
    @GossiTheDog what’s old is new again. Wasn’t it the early-Ballmer era when they said the entire company would be focusing on security?
    Show threadSilent.TomMay 4, 2024
    @GossiTheDog I am one of them. Interesting read.
    Show threadOch MennoMay 4, 2024
    @GossiTheDog super great read. Thanks
    Show threadYurkshireLadMay 4, 2024
    @GossiTheDog if Microsoft’s CEO has just realized that security is important then they need a new CEO.
    Show threadBradley StowersMay 5, 2024

    @GossiTheDog You've been to Havana, too?

    Viaje Fantástico

    Show threadNick SchonningMay 6, 2024
    @GossiTheDog I think there is a missing word after "continue to" in the sentence " I think we’ll continue to security vendors, not just Microsoft, having to reprioritise security to be at the heart of their operations"