Microsoft is now making security a core priority for all employees as part of their performance reviews. This change aims to implement a security-first mindset in response to high-profile breaches that have raised concerns about Microsoft’s technology reliance. The company is urging employees to prioritize security and proactively look for opportunities to ensure security in everything they do. This shift follows Microsoft’s Secure Future Initiative introduced last fall and is a continuation of previous security initiatives dating back to Bill Gates’ Trustworthy Computing initiative in 2002.
Microsoft CEO Satya Nadella has called on employees to make security their top priority, even if it means making difficult choices to prioritize security above new features or legacy system support. This emphasis on security comes after a critical report by the Cyber Safety Review Board (CSRB) described Microsoft’s security culture as inadequate and called for urgent changes to be overseen directly by the CEO and board. Microsoft has faced security challenges, including breaches by Chinese and Russian state-sponsored hacking groups, leading the company to prioritize security in all aspects of its operations.
The introduction of the Security Core Priority as part of the Connect process is intended to ensure that all employees and managers are committed to security and are accountable for building secure products and services. This core priority joins existing priorities focused on diversity and inclusion, and Microsoft’s expectations and principles for managers. All employees are expected to set their Security Core Priority during their first FY25 Connect, with continuous discussions on progress and impact to follow in subsequent reviews. The company is working to expand access to this new core priority globally through the partnership with geo HR teams.
Microsoft’s emphasis on security aims to create a culture of security-first mindset among its employees as the company continues to navigate through evolving cyber threats. The security changes build on previous initiatives to secure Microsoft’s systems and prioritize security at all levels of the organization. With the company’s 2024 fiscal year ending on June 30, Microsoft reported strong earnings and profits, surpassing Wall Street’s expectations. The company’s investment in security and its commitment to making security a core priority for all employees reflect its dedication to protecting its customers, partners, and the integrity of its technology platforms.
