US senator blasts Microsoft for “negligent cybersecurity practices” (arstechnica.com)

submitted 1 year ago by BrikoX@lemmy.zip to c/worldnews@lemmy.ml

6 comments fedilink hide all child comments

cross-posted from: https://lemmy.zip/post/795564

Archived version: https://archive.ph/qFPbB
Archived version: https://web.archive.org/web/20230728012222/https://arstechnica.com/security/2023/07/us-senator-blasts-microsoft-for-negligent-cybersecurity-practices/

you are viewing a single comment's thread
view the rest of the comments

[-] SpacePirate@lemmy.ml 2 points 1 year ago

While Microsoft should absolutely be held accountable for flaws in its code and its failures to disclose actively-exploited attacks in the wild against said flaws, most organizations have policies (or the lack thereof) resulting in security flaws you can drive a truck through.

Specifically, a lack of M365 and Teams “app” review and approval processes, a lack of CASB tooling, and grossly inadequate asset inventories and security agent coverage. You can’t protect what you can’t see, and most Microsoft customers are barely doing the minimum.

Is that Microsoft’s fault, when they explicitly tell your admins you’ve got a “Secure Score” of 19%, and they don’t do shit about it?

this post was submitted on 28 Jul 2023

41 points (90.2% liked)

World News

32323 readers

855 users here now

News from around the world!

Rules:

Please only post links to actual news sources, no tabloid sites, etc
No NSFW content
No hate speech, bigotry, propaganda, etc

founded 5 years ago

MODERATORS

Rumblestiltskin@lemmy.ml

AgreeableLandscape@lemmy.ml

jackmarxist@lemmy.ml

zephyreks@lemmy.ml

OurToothbrush@lemmy.ml