Microsoft Commits to Improving Cybersecurity Practices in House Hearing

Microsoft President Brad Smith did not expect to receive praise from lawmakers after the company’s email service experienced a breach by China-backed hackers.

In a hearing before the House Homeland Security Committee on Thursday, lawmakers praised Smith and the Redmond, Virginia, company after it immediately took action and took responsibility for lapses in its cybersecurity practices. Among the most recent cyberattacks experienced at Microsoft was when Chinese-government-backed hackers broke into the emails of U.S. government officials during the summer of 2023.

With three percent of the U.S. annual federal information technology spending going to Microsoft, Smith discussed initiatives at the company to ensure federal agencies only use secure products, Federal News Network reported. 

The hearing comes after the Cyber Safety Review Board report called out the tech company for failing to protect its customers from malicious actors. At the same hearing, Smith criticized the CSRB’s composition, with its Deputy Chairwoman Heather Adkins also serving as Google’s vice president for security engineering.

Released in April, the CSRB report claimed the company’s “inadequate” security culture for the Summer 2023 Microsoft Exchange Online breach. It recommended a significant overhaul, with a focus on the centralized technology ecosystem.