Microsoft ties executive pay to security of company’s products after a series of leaks
Microsoft will make the salaries of its senior management team partially dependent on how well the company’s product security performance meets its security goals. Ars Technica writes about it writes.
The company is taking such measures after a series of leaks. For example, in the summer of 2023, the company reported that Chinese hackers intent on gathering intelligence on the United States had gained access to government email accounts.
According to Microsoft, the hacker group compromised a total of about 25 organizations, including government agencies. The attackers had access to at least some of the accounts for a month before the hack was discovered.
This year, Microsoft reported that Russian government-sponsored hackers who had been following the company’s executives had also stolen the giant’s source code. Microsoft warned that the hackers were trying to use the stolen code to gain even more access to software and customer data.
To try to change the situation, Microsoft created the Secure Future Initiative (SFI). Now the company has announced some measures within its framework. Linking executive salaries to security issues is one of them.
“We are making security our top priority at Microsoft, above all else—over all other features,” wrote Microsoft Security Executive Vice President Charlie Bell.
According to him, Microsoft is committed to ensuring that its approach to cybersecurity remains “robust and adaptive to the changing threat landscape.”
According to the tech giant, it will rely on certain security fundamentals and principles (secure by design, secure by default, and secure operations) to eliminate weaknesses in its systems and developments.
Among the company’s promises are to protect all user accounts with “securely managed, phishing-resistant multifactor authentication,” improve network monitoring and isolation, and more.