The Cyber Safety Review Board (CSRB) is conducting a security review of Microsoft’s cloud services following a string of breaches. The review will focus on Microsoft’s identity management and authentication infrastructure, as well as its security logging tools.
The CSRB is a public-private collaboration that was created to improve the nation’s cybersecurity. The board is made up of representatives from government agencies, industry organizations, and academia.
The review of Microsoft’s cloud security comes after the company was hacked multiple times in recent months. In July, Microsoft disclosed that a state-sponsored hacking group had breached its Exchange Online service. The hackers were able to steal email accounts and other sensitive data from government agencies and businesses.
This marks the third security review by the public-private collaboration, which previously examined vulnerabilities like the Log4J exploit and criminal hacking activities of Lapsus$.
Microsoft has since taken steps to improve the security of its cloud services. However, the CSRB’s review will assess whether these measures are sufficient.
The review is expected to be completed in the coming months. The CSRB will then issue a report with its findings and recommendations.
The sources for this piece include an article in CPOMAGAZINE.