Topic
/
Cybersecurity
-
How we approach cybersecurity risk management at Microsoft
Cybersecurity risk management at Microsoft is an enterprise-wide discipline spanning governance, engineering, operations, and organizational culture. Through our international operations and diverse portfolio of products,…
-
Microsoft CISO advice: Governing security at scale with Security Development Lifecycle
Microsoft first mandated use of Security Development Lifecycle (SDL) in 2004. Now, SDL underpins our Secure Future Initiative (SFI) and supports SFI’s goals of secure…
-
Microsoft CISO advice: Securing AI with full stack red teaming
At Microsoft, we approach security for AI systems holistically using a full stack red teaming that goes beyond just testing an AI model. Corporate Vice…
-
Microsoft CISO advice: Consider the risks of early integration with mergers and acquisitions
When considering mergers and acquisitions (M&A), security needs to be an important part of the financial and operational due diligence process. At Microsoft, the security…
-
Microsoft CISO advice: Apply engineering fundamentals to securing AI
Agentic AI, like any software, is just one part of a business solution. It is not the only element that needs to be secured. Engineers…
-
Microsoft CISO advice: How to build trustworthy agentic AI
Building production-ready solutions with agentic AI comes with inherent risks. When agents make mistakes or hallucinate, the potential impacts can multiply rapidly. “It turns out…
-
Microsoft CISO advice: The importance of a written AI safety plan
Yonatan Zunger, CVP and Deputy CISO for Microsoft, has spent his career considering complex questions with security and privacy while building platform infrastructure and solutions.…
-
Microsoft CISO advice: The most important thing to know about securing AI
Using AI comes with inherent risks. In a recent video, Yonatan Zunger, CVP and deputy CISO for Microsoft, suggests thinking about AI as a new…