Promote this Nomination
|Company size (employees)||10,000 or more|
|Headquarters Region||North America|
In 3 bullets, summarize why this company is different from the competition and deserves recognition:
• Supply-Chain Program:
• Secure Admin Workstation:
• Crisis Management Program:
Summary of Achievements
The Digital Security and Risk Engineering (DSRE) team at Microsoft is a global team responsible for keeping all Microsoft data secure from the 21st century’s ever-growing cyber-threats and ensuring compliance with evolving regulations. Microsoft has a robust corporate incidence response strategy, as well as sophisticated companywide defenses that combine threat monitoring, vulnerability analysis and control tools. We are helping to solve the most vexing problems in the industry, including improving the shortcomings of passwords by eliminating the need for them, and leading a digital transformation by ensuring security in cloud operations.
Standout programs over the past year include the development of our new, industry-leading supply chain security framework, a best-in-class crisis management program and security improvements to critical development and administrative resources. Also notable is OneHunt, a weeklong crisis simulation event that brings together more than 100 security professionals from Microsoft’s various security organizations at company headquarters. During this exercise, “attackers” are asked to penetrate Microsoft’s defenses and achieve objectives by breaching various systems. The “defenders” are responsible for preventing, detecting and responding to the attackers’ actions. This event has a real impact both internally and externally, as product and service improvements are often made based on practices observed during the drill, and executive and peer briefings are delivered following the exercise so learnings can be shared broadly across internal stakeholder groups.