Microsoft CEO on cybersecurity: We're all in this together

In a State of Security address, Satya Nadella acknowledged that we face more digital threats than ever before, but he also proposed solutions for how to fix them.

Friday’s attacks in Paris left many searching for answers, not only for the names and identities of the suspected terrorists, but also for how they were able to plan such a coordinated assault without their messages being intercepted. The attacks have renewed a worldwide debate over encryption and the security risks that it poses.

In a State of Security Address at the Microsoft Cloud Forum on Tuesday, Microsoft CEO Satya Nadella acknowledged that it does seem to be the case that new threats crop up with each new iteration of technology. But he reiterated the importance of unity in the face of digital threats.

“We have always had attacks on trust,” Mr. Nadella said, “[and] each time we have come together as a community to respond.”

“We know we don’t live in isolation. [We] have a heterogeneous environment and we need to operate within it,” he added.

Microsoft has not always had the easiest time in addressing security breaches in its products. Bill Gates ordered security to be a top priority for Microsoft engineers in 2002, but Microsoft products have been continually beset by bugs since then, including a vulnerability discovered in the Windows shell in October.

But in the talk, Nadella said that Windows 10 is far and away the safest Windows update so far, thanks in large part to facial-recognition login technology and a service called Device Guard, which locks devices so that they can run only trusted applications.     

Nadella also announced that, in addition to the $1 billion the technology company has already invested in security so far this year, Microsoft will be building a new Cyber Defense Operations Center at its corporate headquarters outside Seattle.

Microsoft also plans to develop a team of cybersecurity experts called the Microsoft Enterprise Cybersecurity Group. The defense center will focus on responding to threats in real time, while the cybersecurity group will provide  solutions and analysis to other organizations, according to Microsoft’s website.

Microsoft’s Chief Information Security Officer Bret Arsenault explained in an interview with cybersecurity magazine Dark Reading that the launches are part of Microsoft’s corporate emphasis on seeking to provide improved digital security and privacy to its customers and corporate partners.

“We made the decision that we should get security as close to the workload as possible, versus its own separate product. We think that goes back to the idea of evolving from one perimeter to [being a focus of] everything we do: protect[ing] data, devices, and people,” Mr. Arsenault said.

In his talk, Nadella said, “Trust is central to our mission. [We take a] principled approach to ensure our customers trust the digital technologies they use.”