When I speak with customers, they often ask how they can successfully change the culture of their IT organization when deciding to implement a resilience engineering practice. Over the past decade I’ve collected a number of books and articles which I have found to be helpful in this regard, and I often recommend these resources to customers. I’ve included my favorites below, in no particular order, with a short explanation of why I’m recommending them. See more>>
What does the future look like? To take a closer look, Microsoft has released a report called “Cyberspace 2025: Today’s Decisions, Tomorrow’s Terrain.” How will the choices organizations make at present, affect their ability to shape the social, economic and demographic changes a decade from now? See more >>
Antimalware companies have for some time used machine learning and big data analysis to detect and disrupt malware. But to move from disruption to eradication, the antimalware ecosystem must work with new types of partners in different ways. Read more >>
For more than a decade, Microsoft has invested in a comprehensive privacy program that sets the foundation for our efforts to responsibly manage our customers’ data. An important part of our privacy commitment is that we evolve our policies and practices to address the changes in technology and customer expectations. Earlier today, Microsoft General Counsel Brad Smith announced a change to Microsoft’s privacy practices to further enhance our privacy commitments. Read more >>
One of the best things about the RSA Conference is the incredible exchange of ideas that takes place, and this year was no exception.
Microsoft’s security and privacy leaders were busy, not just with their own presentations, but also in discussions with other thought leaders, industry professionals and customers from around the world. See more >>
The keynote sessions at the RSA Conference are always compelling. This year’s presentations at the Moscone Center in San Francisco have been some of the best I’ve seen, with a strong focus on government surveillance programs and what they mean for the IT industry.
In his keynote speech, Trustworthy Computing Corporate Vice President, Scott Charney, discussed “Conundrums in Cyberspace”, along with his take on the sometimes conflicting roles of government as it relates to the internet. See more >>
Today my colleague Matt Thomlinson, Vice President, Microsoft Security, was on a panel entitled “Rebooting Trust? Freedom vs. Security in Cyberspace” at the long standing (it is in its 50th year!) Munich Security Conference.
He also discussed a number of efforts afoot to protect customer data from government snooping: expanding encryption across our services; reinforcing legal protections for our customers’ data; and enhancing the transparency of our software code, including establishing a number of locations called Transparency Centers, to enable even greater assurances of the integrity of our products and services.
Matt announced that Microsoft will open a Transparency Center in Brussels, one of several around the world. Read more >>
The Trustworthy Computing blog covers Microsoft’s perspective on security, privacy, online safety, and reliability, especially as they relate to the cloud.
For readers who want additional information on those topics, check out our other TwC Blogs, which provide insights from Microsoft experts, plus information on mitigation tools, secure development, security updates, online safety, and more. Read more >>
Suggested Resolutions for Cloud Providers in 2014 #2: Be precise about what the service does, and doesn’t do
In my last post, I kicked off a series on New Year’s resolutions that I’d like to see cloud providers embrace in 2014. I began with Suggested Resolution #1: Reinforce that security is a shared responsibility.
Next up is Suggested Resolution #2: Be precise about what the service does, and doesn’t do.
Suggested Resolutions for Cloud Providers in 2014 #1: Reinforce that security is a shared responsibility
Happy 2014! The arrival of a new year is always a great time to reflect on where you’ve been over the past 12 months, and more importantly, where you are headed. I was recently asked to share some New Year’s Resolutions for cloud providers for an article in Security Week and I thought I’d expand a bit more on those and share them with you.
Let’s start with Suggested Resolution #1: Reinforce that security is a shared responsibility.