Get All Access for $5/mo

Microsoft CEO Satya Nadella Says the Company Needs a 'Culture Change' After Security Failures Microsoft has faced a series of high-profile cybersecurity challenges over the past year.

By Lakshmi Varanasi

Key Takeaways

  • Microsoft CEO Satya Nadella called for a culture change amid the company's security challenges.
  • The company has contended with the global CrowdStrike outage and vulnerability to Chinese hacks.
  • Microsoft has accepted responsibility for security flaws, acknowledging breaches by hackers.
Microsoft
Microsoft CEO Satya Nadella discussed the company's security challenges in a recent interview.

This article originally appeared on Business Insider.

Microsoft, the world's largest software maker, doesn't have the best track record regarding security.

Microsoft CEO Satya Nadella says the company needs to change that. "That's what will be culture change," he said in a recent Wired interview.

Microsoft has faced a series of high-profile cybersecurity challenges over the past year.

In July, the company was at the center of a global IT outage caused by a faulty update from cybersecurity firm CrowdStrike. In March, a report from the US Department of Homeland Security flagged Microsoft's security systems as inadequate and called for an "overhaul," noting that the company was particularly vulnerable to attacks from a Chinese hacking group called Storm-0588.

Brad Smith, vice chair and president of Microsoft, acknowledged these flaws in a written statement to the Department of Homeland Security in June. "Before I say anything else, I think it's especially important for me to say that Microsoft accepts responsibility for each and every one of the issues cited in the CSRB's report," he wrote.

Earlier in the year, Microsoft said that its systems had also been compromised by the Russian hacking group Midnight Blizzard, which accessed a "very small percentage" of corporate email accounts. This group was also responsible for the 2020 attack on SolarWinds, a major IT firm that counts Microsoft as one of its primary clients.

Since taking the helm in 2014, Nadella has been known for leading empathetically and emphasizing that change wouldn't come from blaming employees. "This is not about a witch hunt internally at Microsoft," he told Wired. However, he said that "perverse incentives" often lead companies to prioritize product development over securing existing products.

That mindset may have played a role in the SolarWinds attack. A ProPublica report in June found that Microsoft knowingly hid a security flaw in one of its services to avoid jeopardizing its chances of securing government investment in its cloud business. The flaw was later exploited by the Russian hackers behind the attack.

Microsoft did not immediately respond to a request for comment from Business Insider.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Business News

Here's What the CPI Report Means for Your Wallet, According to JPMorgan and EY Experts

Most experts agree that there will be another rate cut next week.

Operations & Logistics

The Holidays Mean Vacation Time — But Disaster Can Still Strike. Is Your Crisis Plan Ready?

Holidays mean different working hours for companies and different schedules for employees that take off. Before you and your team enjoy some much deserved time off, it is important to put a crisis management plan in place so your business is ready to tackle any issue that crops up.

Leadership

3 Ways Your Parenting Skills Can Improve Your Leadership Skills

Parenting and management offer valuable lessons in identifying talent, nurturing potential and fostering growth through encouragement and guidance.

Business Solutions

Right Now, You Can Get More Than 310 Hours of IT Training for Just $50

Stay ahead in tech with the CompTIA Super Bundle.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.