Author: Rani Lofstrom
Featured
All posts by Rani Lofstrom
-
Microsoft CISO advice: Governing security at scale with Security Development Lifecycle
Microsoft first mandated use of Security Development Lifecycle (SDL) in 2004. Now, SDL underpins our Secure Future Initiative (SFI) and supports SFI’s goals of secure…
-
Microsoft CISO advice: Securing AI with full stack red teaming
At Microsoft, we approach security for AI systems holistically using a full stack red teaming that goes beyond just testing an AI model. Corporate Vice…
-
Microsoft CISO advice: Consider the risks of early integration with mergers and acquisitions
When considering mergers and acquisitions (M&A), security needs to be an important part of the financial and operational due diligence process. At Microsoft, the security…
-
Microsoft CISO advice: Apply engineering fundamentals to securing AI
Agentic AI, like any software, is just one part of a business solution. It is not the only element that needs to be secured. Engineers…
-
Microsoft CISO advice: How to build trustworthy agentic AI
Building production-ready solutions with agentic AI comes with inherent risks. When agents make mistakes or hallucinate, the potential impacts can multiply rapidly. “It turns out…
-
Microsoft CISO advice: The importance of a written AI safety plan
Yonatan Zunger, CVP and Deputy CISO for Microsoft, has spent his career considering complex questions with security and privacy while building platform infrastructure and solutions.…
-
Microsoft CISO advice: The most important thing to know about securing AI
Using AI comes with inherent risks. In a recent video, Yonatan Zunger, CVP and deputy CISO for Microsoft, suggests thinking about AI as a new…
-
Microsoft CISO advice: Read our four tips for securing your network
Geoff Belknap, CVP and operating CISO for Core and Enterprise, shares four key practices your business can use to be prepared for managing network security…
-
Microsoft CISO advice: Explore our four tips for securing your customer support ecosystem
Microsoft business operations teams know all too well that cyberattackers seek to exploit customer support pathways. Tools that can unlock customer accounts or aid in…