Microsoft(US:MSFT) Business Insider·2024-11-23 17:31Core Points - Microsoft CEO Satya Nadella emphasizes the need for a culture change within the company to address ongoing security challenges [2][3] - The company has faced significant cybersecurity issues, including a global IT outage linked to CrowdStrike and vulnerabilities to attacks from Chinese and Russian hacking groups [3][5] - Microsoft has publicly accepted responsibility for its security flaws, acknowledging the need for an overhaul of its security systems [4][3] Group 1 - Microsoft has been criticized for its inadequate security measures, particularly highlighted by a report from the US Department of Homeland Security [3] - The company has experienced high-profile breaches, including attacks from the Russian group Midnight Blizzard, which compromised a small percentage of corporate email accounts [5] - Nadella has stated that the change in culture will not involve blaming employees but rather addressing "perverse incentives" that prioritize product development over security [6] Group 2 - A report indicated that Microsoft may have concealed a security flaw to protect its interests in securing government contracts, which was later exploited in the SolarWinds attack [7] - Brad Smith, Microsoft's vice chair, has acknowledged the company's responsibility for the issues raised in the Cyber Safety Review Board's report [4] - The company is under pressure to improve its security posture following these incidents and public scrutiny [3][4]