In light of recent events, Microsoft has decided to tie executive salaries to the functioning of security systems: if the company is hacked, the bosses will be «cut» bonuses.

Microsoft made such decisions after a series of high-profile attacks — Chinese Storm-0558 and Russian Midnight Blizzard, reports ArsTechnica.

Storm-0558 hacked Microsoft Azure in mid-2023 and collected data for over a month. And more recently, in January, pro-Kremlin hackers Midnight Blizzard managed to «compromise an outdated non-production test account» and gained access to the systems for two months.

Safety comes first

The Secure Future Initiative (SFI) was launched in November last year. Now it will be expanded to include provisions on compensation for bosses.

«We make security our top priority at Microsoft. Above all else… …part of the compensation of senior executives will be based on the success of our security plans», — wrote Charlie Bell, vice president of security at Microsoft, wrote in his blog.

Microsoft manifests three security principles:

«secure by design»;

«secure by default»;

«secure operations».

The company also claims that it plans to protect 100% of user accounts:

using «secure, phishing-resistant multi-factor authentication»;

improve network monitoring;

save all system security logs.

Thus, the salaries of executives will partially depend on whether the company «complies with the security plans of».

The other day, an internal memo from Microsoft’s CEO was published, which states that improving security should be a higher priority than adding new features

It’s worth mentioning here that Microsoft recently added its AI assistant Copilot to Windows 11 autorun. Developers and expertscalled these changes are disgusting because it «resembles the behavior of some annoying third-party application».