In its report published this week, the Cyber Safety Review Board (CSRB) says that the June 2023 online breach by Chinese threat actors who accessed U.S. government emails right before Secretary of State Anthony Blinken was to visit China, was “preventable”.

“[The report] identified a series of Microsoft operational and strategic decisions that collectively pointed to a corporate culture that deprioritized enterprise security investments and rigorous risk management, at odds with the company’s centrality in the technology ecosystem and the level of trust customers place in the company to protect their data and operations,” the report says.

The CSRB urges Microsoft to develop and “publicly share” a plan with specific timelines to make fundamental, security-focused reforms across the company and its suite of products.

  • Ephera
    link
    fedilink
    arrow-up
    4
    ·
    9 months ago

    That culture has been in Microsoft’s DNA since forever. A one-off reform will not fix this.