ADVERTISEMENT
Manila Bulletin devider Technews devider Microsoft expands the Secure Future Initiative

Microsoft expands the Secure Future Initiative

Published May 9, 2024 05:16 am

Cyberthreats have scaled up. 

Recent findings from the US Department of Homeland Security's Cyber Safety Review Board (CSRB) revealed a cyber attack on Microsoft by Storm-0558, a threat actor group.  Additionally, Microsoft has faced persistent attacks from another group, Midnight Blizzard.

In response to this, Microsoft will be expanding its Secure Future Initiative, a program they launched last November, to protect themselves and their products from cyberattacks.

In a press release from Microsoft, they said, “We are making security our top priority at Microsoft, above all else—over all other features. We’re expanding the scope of SFI, integrating the recent recommendations from the CSRB as well as our learnings from Midnight Blizzard to ensure that our cybersecurity approach remains robust and adaptive to the evolving threat landscape.” 

Microsoft said hiring decisions will have an important role in how they will be expanding SFI and “instill accountability” to the company’s senior leadership team and base their compensation on how well they perform. So, basically, they mean if Microsoft’s cybersecurity leaders do good in their jobs, they’re paid better.  

Micro.png

Microsoft said they changed their security approach, guided by three security principles: 

  • Secure by design: Security comes first when designing any product or service. 
  • Secure by default: Security protections are enabled and enforced by default, require no extra effort, and are not optional. 
  • Secure operations: Security controls and monitoring will continuously be improved to meet current and future threats. 

This is followed by six security pillars: 

1. Protect identities and secrets 

Reduce the risk of unauthorized access by implementing and enforcing best-in-class standards across all identity and secrets infrastructure, and user and application authentication and authorization. As part of this, we are taking the following actions: 

  • Protect identity infrastructure signing and platform keys with rapid and automatic rotation with hardware storage and protection (for example, hardware security module (HSM) and confidential compute). 
  • Strengthen identity standards and drive their adoption through use of standard SDKs across 100% of applications. 
  • Ensure 100% of user accounts are protected with securely managed, phishing-resistant multifactor authentication. 
  • Ensure 100% of applications are protected with system-managed credentials (for example, Managed Identity and Managed Certificates). 
  • Ensure 100% of identity tokens are protected with stateful and durable validation. 
  • Adopt more fine-grained partitioning of identity signing keys and platform keys. 
  • Ensure identity and public key infrastructure (PKI) systems are ready for a post-quantum cryptography world. 

2. Protect tenants and isolate production systems 

Protect all Microsoft tenants and production environments using consistent, best-in-class security practices and strict isolation to minimize breadth of impact. As part of this, we are taking the following actions: 

  • Maintain the security posture and commercial relationships of tenants by removing all unused, aged, or legacy systems. 
  • Protect 100% of Microsoft, acquired, and employee-created tenants, commerce accounts, and tenant resources to the security best practice baselines. 
  • Manage 100% of Microsoft Entra ID applications to a high, consistent security bar. 
  • Eliminate 100% of identity lateral movement pivots between tenants, environments, and clouds. 
  • 100% of applications and users have continuous least-privilege access enforcement. 
  • Ensure only secure, managed, healthy devices will be granted access to Microsoft tenants. 

3. Protect networks 

Protect Microsoft production networks and implement network isolation of Microsoft and customer resources. As part of this, we are taking the following actions: 

  • Secure 100% of Microsoft production networks and systems connected to the networks by improving isolation, monitoring, inventory, and secure operations. 
  • Apply network isolation and microsegmentation to 100% of the Microsoft production environments, creating additional layers of defense against attackers. 
  • Enable customers to easily secure their networks and network isolate resources in the cloud. 

4. Protect engineering systems 

Protect software assets and continuously improve code security through governance of the software supply chain and engineering systems infrastructure. As part of this, we are taking the following actions: 

  • Build and maintain inventory for 100% of the software assets used to deploy and operate Microsoft products and services. 
  • 100% of access to source code and engineering systems infrastructure is secured through Zero Trust and least-privilege access policies. 
  • 100% of source code that deploys to Microsoft production environments is protected through security best practices. 
  • Secure development, build, test, and release environments with 100% standardized, governed pipelines and infrastructure isolation. 

Secure the software supply chain to protect Microsoft production environments.

5. Monitor and detect threats 

Comprehensive coverage and automatic detection of threats to Microsoft production infrastructure and services. As part of this, we are taking the following actions: 

  • Maintain a current inventory across 100% of Microsoft production infrastructure and services. 
  • Retain 100% of security logs for at least two years and make six months of appropriate logs available to customers. 
  • 100% of security logs are accessible from a central data lake to enable efficient and effective security investigation and threat hunting. 
  • Automatically detect and respond rapidly to anomalous access, behaviors, and configurations across 100% of Microsoft production infrastructure and services.

6. Accelerate response and remediation 

Prevent exploitation of vulnerabilities discovered by external and internal entities, through comprehensive and timely remediation. As part of this, we are taking the following actions: 

  • Reduce the Time to Mitigate for high-severity cloud security vulnerabilities with accelerated response. 
  • Increase transparency of mitigated cloud vulnerabilities through the adoption and release of Common Weakness Enumeration (CWE), and Common Platform Enumeration (CPE) industry standards for released high severity Common Vulnerabilities and Exposures (CVE) affecting the cloud. 
  • Improve the accuracy, effectiveness, transparency, and velocity of public messaging and customer engagement. 

 

ADVERTISEMENT
.most-popular .layout-ratio{ padding-bottom: 79.13%; } @media (min-width: 768px) and (max-width: 1024px) { .widget-title { font-size: 15px !important; } }

{{ articles_filter_1561_widget.title }}

{{ item.title }}
.most-popular .layout-ratio{ padding-bottom: 79.13%; } @media (min-width: 768px) and (max-width: 1024px) { .widget-title { font-size: 15px !important; } }

{{ articles_filter_1562_widget.title }}

{{ item.title }}
.most-popular .layout-ratio{ padding-bottom: 79.13%; } @media (min-width: 768px) and (max-width: 1024px) { .widget-title { font-size: 15px !important; } }

{{ articles_filter_1563_widget.title }}

{{ item.title }}

{{ articles_filter_1564_widget.title }}

{{ item.title }}
.mb-article-details { position: relative; } .mb-article-details .article-body-preview, .mb-article-details .article-body-summary{ font-size: 17px; line-height: 30px; font-family: "Libre Caslon Text", serif; color: #000; } .mb-article-details .article-body-preview iframe , .mb-article-details .article-body-summary iframe{ width: 100%; margin: auto; } .read-more-background { background: linear-gradient(180deg, color(display-p3 1.000 1.000 1.000 / 0) 13.75%, color(display-p3 1.000 1.000 1.000 / 0.8) 30.79%, color(display-p3 1.000 1.000 1.000) 72.5%); position: absolute; height: 200px; width: 100%; bottom: 0; display: flex; justify-content: center; align-items: center; padding: 0; } .read-more-background a{ color: #000; } .read-more-btn { padding: 17px 45px; font-family: Inter; font-weight: 700; font-size: 18px; line-height: 16px; text-align: center; vertical-align: middle; border: 1px solid black; background-color: white; } .hidden { display: none; }
function initializeAllSwipers() { // Get all hidden inputs with cms_article_id document.querySelectorAll('[id^="cms_article_id_"]').forEach(function (input) { const cmsArticleId = input.value; const articleSelector = '#article-' + cmsArticleId + ' .body_images'; const swiperElement = document.querySelector(articleSelector); if (swiperElement && !swiperElement.classList.contains('swiper-initialized')) { new Swiper(articleSelector, { loop: true, pagination: false, navigation: { nextEl: '#article-' + cmsArticleId + ' .swiper-button-next', prevEl: '#article-' + cmsArticleId + ' .swiper-button-prev', }, }); } }); } setTimeout(initializeAllSwipers, 3000); const intersectionObserver = new IntersectionObserver( (entries) => { entries.forEach((entry) => { if (entry.isIntersecting) { const newUrl = entry.target.getAttribute("data-url"); if (newUrl) { history.pushState(null, null, newUrl); let article = entry.target; // Extract metadata const author = article.querySelector('.author-section').textContent.replace('By', '').trim(); const section = article.querySelector('.section-info ').textContent.replace(' ', ' '); const title = article.querySelector('.article-title h1').textContent; // Parse URL for Chartbeat path format const parsedUrl = new URL(newUrl, window.location.origin); const cleanUrl = parsedUrl.host + parsedUrl.pathname; // Update Chartbeat configuration if (typeof window._sf_async_config !== 'undefined') { window._sf_async_config.path = cleanUrl; window._sf_async_config.sections = section; window._sf_async_config.authors = author; } // Track virtual page view with Chartbeat if (typeof pSUPERFLY !== 'undefined' && typeof pSUPERFLY.virtualPage === 'function') { try { pSUPERFLY.virtualPage({ path: cleanUrl, title: title, sections: section, authors: author }); } catch (error) { console.error('ping error', error); } } // Optional: Update document title if (title && title !== document.title) { document.title = title; } } } }); }, { threshold: 0.1 } ); function showArticleBody(button) { const article = button.closest("article"); const summary = article.querySelector(".article-body-summary"); const body = article.querySelector(".article-body-preview"); const readMoreSection = article.querySelector(".read-more-background"); // Hide summary and read-more section summary.style.display = "none"; readMoreSection.style.display = "none"; // Show the full article body body.classList.remove("hidden"); } document.addEventListener("DOMContentLoaded", () => { let loadCount = 0; // Track how many times articles are loaded const offset = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10]; // Offset values const currentUrl = window.location.pathname.substring(1); let isLoading = false; // Prevent multiple calls if (!currentUrl) { console.log("Current URL is invalid."); return; } const sentinel = document.getElementById("load-more-sentinel"); if (!sentinel) { console.log("Sentinel element not found."); return; } function isSentinelVisible() { const rect = sentinel.getBoundingClientRect(); return ( rect.top < window.innerHeight && rect.bottom >= 0 ); } function onScroll() { if (isLoading) return; if (isSentinelVisible()) { if (loadCount >= offset.length) { console.log("Maximum load attempts reached."); window.removeEventListener("scroll", onScroll); return; } isLoading = true; const currentOffset = offset[loadCount]; window.loadMoreItems().then(() => { let article = document.querySelector('#widget_1690 > div:nth-last-of-type(2) article'); intersectionObserver.observe(article) loadCount++; }).catch(error => { console.error("Error loading more items:", error); }).finally(() => { isLoading = false; }); } } window.addEventListener("scroll", onScroll); });
Join Our Newsletters

Sign up by email to receive news.

© 2025 Manila Bulletin The Nation's Leading Newspaper. All Rights Reserved.