Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
As Director of the Security Response Center within the Microsoft Security Business and Technology Unit, I’m really pleased that the MSRC is able to participate in this year’s RSA. Indeed, a year ago, our team didn't travel to RSA because we were deep in midst of implementing process changes improvements post-Blaster – and still refining our management plans, processes and skills in the face of several security incidents last year. Thus, we actually chose to sit out RSA last year – because we felt we needed to stay home and get security response right for our customers.
That hard work has contributed to many changes and improvements regarding how we manage vulnerabilities and security incidents at Microsoft over the last year. We’ve been successful at delivering security updates on a predictable monthly schedule and we’ve improved the quality of our updates, through our internal and partner testing programs. In addition, we’ve worked really hard to make sure that we are providing real-time and transparent guidance regarding security issues – so that customers can take actions to mitigate threats as soon as possible. And we’ve made a lot of progress in delivering tools for detection and deployment to ensure that every security update is supported with a deployment mechanism for enterprise customers.
At the same time, we continue to strive for a seamless updating experience for consumer customers through automatic updating that will soon be improved with integrated updating for all Microsoft products.
While the MSRC has made significant strides this year this year, we are particularly anxious to get real customer feedback and to hear what additional improvements our customers would like to see regarding vulnerability management and security incident response. That is the number one reason why the MSRC is attending RSA this year. In fact, we have brought the entire communications team, led by me – as well as my counterpart on the engineering side, Kevin Kean.
While in San Francisco, we will be meeting with customers and partners, as well as surveying customers at our booth, specifically on how well you think we’ve done with vulnerability management and security response – and what else you’d like to see us do to make security updates and security issues more manageable.
I hope you’ll stop by the booth to meet us and to fill out our survey. I’m really looking forward to meeting as many participants at RSA as I can!
Debby Fry Wilson
*This posting is provided "AS IS" with no warranties, and confers no rights.