TechRadar
Craig Hale

Microsoft is tying executive pay to security performance — so if it gets hacked, no bonuses for anyone

In a bold move addressing some major cybersecurity concerns that have plagued the company in recent months, Microsoft has linked executive compensation to the company’s security performance.

The strategic manoeuvre comes after a series of high-profile attacks affecting the company, such as those by China’s Storm-0558 and Russia’s Midnight Blizzard.

The revelation arrives days after Microsoft CEO Satya Nadella confirmed that the company’s renewed commitment would see it “putting security above all else.”

Security boosts

The initiative, which has been called the Secure Future Initiative (SFI), launched last November, and has now been expanded to affect executives’ pay.

Charlie Bell, Executive Vice President of Microsoft Security, shared in a blog post: “We will instill accountability by basing part of the compensation of the company’s Senior Leadership Team on our progress in meeting our security plans and milestones.”

The expansion of Microsoft’s SFI takes into consideration recommendations provided by the Department of Homeland Security’s Cyber Safety Review Board (CSRB). The March report slated Microsoft for making a series of “avoidable errors.”

Specific details surrounding Microsoft’s decision to directly link at least part of its executives’ pay to cybersecurity performance are unconfirmed, but it certainly reflects the company’s goal of instilling a more proactive and engaged response to cybersecurity among workers.

Bell added: “Our company culture is based on a growth mindset that fosters an ethos of continuous improvement.”

Redmond’s Chief Information Security Officer, newly appointed Igor Tsyganskiy, has also pushed a new security governance framework, which Microsoft says “introduces a partnership between engineering teams and newly formed Deputy CISOs, collectively responsible for overseeing SFI, managing risks, and reporting progress directly to the Senior Leadership Team.”
