Microsoft moves to strengthen cybersecurity with sweeping initiative

Subsequent cybersecurity incidents at Microsoft over the past few years, including the widespread breach of U.S. government emails earlier this year, the massive email server compromise of 2021, and the SolarWinds hack in 2020, have prompted the company to unveil its new Secure Future Initiative aimed at strengthening security in the software development and testing process, The Verge reports. Under the effort, automation and artificial intelligence will be leveraged by Microsoft to determine software vulnerabilities in development, with GitHub's CodeQL code analysis engine to be used for security check automation. Microsoft will also be developing an "AI-based cyber shield," which will be offered to customers, according to Microsoft Vice Chairman and President Brad Smith. Aside from looking to reduce cloud vulnerability mitigation by 50%, Microsoft also seeks to bolster encryption key-protecting systems. "To stay ahead of bad actors, we are moving identity platforms to confidential computing infrastructure that we helped pioneer. In this architecture, data governing identities is encrypted not only at rest and transit but during computational processes as well," said Microsoft Security Head Charlie Bell.