HomeWinBuzzer NewsHouse Committee Calls Microsoft President Brad Smith to Testify on Cybersecurity Lapses

House Committee Calls Microsoft President Brad Smith to Testify on Cybersecurity Lapses

US Congress calls Microsoft's VP to answer for security breaches. Lawmakers concerned after Chinese hackers accessed US officials' emails through Microsoft software

-

The United States House Committee on Homeland Security has summoned Brad Smith, Vice Chair and President of , to testify about the company's recent lapses. The hearing, titled “A Cascade of Security Failures: Assessing Microsoft Corporation's Cybersecurity Shortfalls and the Implications for Homeland Security,” is set for May 22. This follows a series of security breaches at Microsoft, including a June 2023 incident where the China-linked group Storm-0558 compromised the email accounts of senior US officials through Microsoft Exchange.

Increasing Scrutiny and the Need for Accountability

Following these incidents, Microsoft has come under increased scrutiny. The Cyber Safety Review Board (CSRB) investigated the Microsoft Exchange breach and found that preventable mistakes allowed the breach to succeed. The CSRB report highlighted Microsoft's delayed response and criticized its September blog post for inaccurately describing the attack's methodology. Additionally, a January attack by Russia's Midnight Blizzard, also known as Cozy Bear and APT29, compromised emails and files from Microsoft's executive, cybersecurity, and legal divisions, further eroding trust in Microsoft's security measures.

Microsoft's Strategic Response to Security Challenges

In response, Charlie Bell, Executive Vice President at Microsoft Security, recognized the breaches and introduced the Secure Future Initiative (SFI) in November 2023. This initiative, focusing on enhancing security, includes measures to protect identities, isolate production systems, secure networks, and improve threat detection and response times. Security expert Kevin Beaumont, formerly with Microsoft, has cautiously praised the new measures, noting their potential to address longstanding security issues.

As the hearing date nears, Microsoft is preparing its strategy, though no definitive statements have been made. The House Committee on Homeland Security's request for Smith's testimony highlights the importance of robust cybersecurity for and emphasizes the need for accountable technology providers that serve the US government. Microsoft's security overhaul reflects ongoing efforts within the tech industry to combat sophisticated in a connected global environment.

SourceCNBC
Luke Jones
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.

Recent News

Mastodon