As the US Cyber Safety Review Board (CSRB) and the Cybersecurity and Infrastructure Security Agency (CISA) are whipping Microsoft for poor cybersecurity practices, Google is rummaging through its belongings for any valuable customers it might snag.
Earlier this week, the search engine giant published a new whitepaper titled “A more secure alternative”, in which it heavily criticized Microsoft’s recent security lapses that resulted, among other things, in sensitive information being stolen from government agents’ email accounts.
In June 2023, the US State Department identified suspicious activity in its Microsoft 365 accounts, with the software giant later determining that the Chinese state-sponsored threat actor known as Storm-0558 accessed and exfiltrated unclassified Exchange Online Outlook data.
The entire incident turned into quite the fiasco, as the hackers used a previously acquired MSA key to forge tokens to access OWA and Outlook.com. How they obtained the MSA key remains a mystery. As a result, both CISA and CSRB published reports, slamming how Microsoft handled the incident.
Now, Google took a swing at the Redmond giant, essentially saying that its Workspace offering (its productivity suite that includes Gmail, Google Drive, and other tools) is a better, safer alternative to what Microsoft is offering. Not only that, but also used the opportunity to offer a new promotion in which agencies with at least 500 workers get the Workspace Enterprise Plus plan with a discount, and an extra year for free, should they sign up for at least three years.
While all this is happening, Microsoft isn’t exactly sitting with its hands crossed. It kickstarted the Secure Future Initiative, whose goal it is to address the US government criticism, restore any ruined trust among its customers, and obviously – improve its cybersecurity posture.
“Our Secure Future Initiative (SFI) brings together every part of Microsoft to advance cybersecurity protection across our platforms and products, benefiting customers around the world, including commercial and government enterprises, small businesses and individuals,” a Redmond spokesperson told The Register.
“In addition to the SFI milestones we recently announced, Microsoft continues working closely with stakeholders across the cybersecurity community, including signing CISA’s Secure by Design pledge and sharing threat intelligence with the security community on sophisticated nation state and cybercrime actors.”
TechRadar Pro contacted Microsoft for comment, but did not immediately receive a response.
