Microsoft CEO Satya Nadella Says the Company Needs a 'Culture Change' After Security Failures Microsoft has faced a series of high-profile cybersecurity challenges over the past year.

By Lakshmi Varanasi

Key Takeaways

  • Microsoft CEO Satya Nadella called for a culture change amid the company's security challenges.
  • The company has contended with the global CrowdStrike outage and vulnerability to Chinese hacks.
  • Microsoft has accepted responsibility for security flaws, acknowledging breaches by hackers.
Microsoft
Microsoft CEO Satya Nadella discussed the company's security challenges in a recent interview.

This article originally appeared on Business Insider.

Microsoft, the world's largest software maker, doesn't have the best track record regarding security.

Microsoft CEO Satya Nadella says the company needs to change that. "That's what will be culture change," he said in a recent Wired interview.

Microsoft has faced a series of high-profile cybersecurity challenges over the past year.

In July, the company was at the center of a global IT outage caused by a faulty update from cybersecurity firm CrowdStrike. In March, a report from the US Department of Homeland Security flagged Microsoft's security systems as inadequate and called for an "overhaul," noting that the company was particularly vulnerable to attacks from a Chinese hacking group called Storm-0588.

Brad Smith, vice chair and president of Microsoft, acknowledged these flaws in a written statement to the Department of Homeland Security in June. "Before I say anything else, I think it's especially important for me to say that Microsoft accepts responsibility for each and every one of the issues cited in the CSRB's report," he wrote.

Earlier in the year, Microsoft said that its systems had also been compromised by the Russian hacking group Midnight Blizzard, which accessed a "very small percentage" of corporate email accounts. This group was also responsible for the 2020 attack on SolarWinds, a major IT firm that counts Microsoft as one of its primary clients.

Since taking the helm in 2014, Nadella has been known for leading empathetically and emphasizing that change wouldn't come from blaming employees. "This is not about a witch hunt internally at Microsoft," he told Wired. However, he said that "perverse incentives" often lead companies to prioritize product development over securing existing products.

That mindset may have played a role in the SolarWinds attack. A ProPublica report in June found that Microsoft knowingly hid a security flaw in one of its services to avoid jeopardizing its chances of securing government investment in its cloud business. The flaw was later exploited by the Russian hackers behind the attack.

Microsoft did not immediately respond to a request for comment from Business Insider.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Side Hustle

This 31-Year-Old Spends 2 Hours Per Week On His $3,000-a-Month Passive Income Side Hustle: 'Trust Your Vision'

Hansel Moore's home office "wasn't cutting it" — so he found another place to be creative.

Science & Technology

The Artificial General Intelligence Revolution Is Coming — Here's What Every Leader Needs to Consider.

Here's what leaders need to know to shape an AGI world, ensuring it fosters progress, purpose and a future where technology enhances humanity.

Business News

Chevron Announces Layoffs Affecting Up to 8,000 Workers: 'Stronger Long-Term Competitiveness'

The oil producer said the layoffs are part of a cost-cutting initiative.

Leadership

5 Key Principles for Successfully Attracting the Right Acquisition

The talent platform space is consolidating, here's what every entrepreneur can learn from its acquisitions.

Business Ideas

70 Small Business Ideas to Start in 2025

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2025.