041 - Is Microsoft Giving Up on Security? - The SFI Leadership Shakeup Explained
25 March 2026

041 - Is Microsoft Giving Up on Security? - The SFI Leadership Shakeup Explained

SysAdmin Weekly

About

Andy and Paul Schnackenburg dig into a leadership change at Microsoft that has the security community raising eyebrows. Charlie Bell, the executive vice president of security who championed the Secure Future Initiative, is out and being replaced by a go-to-market sales executive from the Google Cloud. Satya Nadella's announcement focused on selling more security products, with no mention of continuing the SFI's mission. That omission says a lot.

In News React, the crew covers the new Microsoft 365 E7 SKU (Copilot, Agent 365, and a $99/user/month price tag aimed squarely at mega-enterprises), and the Iran-linked Stryker wiper attack where hackers compromised an Intune admin account and remotely wiped devices across 79 countries (no malware required).

Nerd Hour features Andy's Forgejo self-hosted Git setup and Paul's new electric vehicle.

From there Andy and Paul trace the arc from Microsoft's repeated security breaches, to the scathing CSRB report that seemingly forced the creation of the SFI, to what now looks like the initiative quietly losing steam.

Included is discussion on Microsoft's pattern of treating security as a profit center, the ethical tension of selling security add-ons for your own platform's vulnerabilities, and what SysAdmins should be watching for as this plays out.

    SysAdmin Weekly Website - https://www.sysadminweekly.com
    SysAdmin Weekly Companion Newsletter - https://newsletter.sysadminweekly.com
    SysAdmin Weekly GitHub Community Discussions - ⁠https://github.com/ProjectRunspace/sysadmin-weekly
    AndyOnTech - https://www.andyontech.com
    Project Runspace - https://www.projectrunspace.org
    KrebsOnSecurity: Iran-Backed Hackers Claim Wiper Attack on Stryker - https://krebsonsecurity.com/2026/03/iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker/
    CSRB Report: Review of the Summer 2023 Microsoft Exchange Online Intrusion (PDF) - https://www.cisa.gov/sites/default/files/2025-03/CSRBReviewOfTheSummer2023MEOIntrusion508.pdf
    Risky Business Podcast (Recommended by Paul) - https://risky.biz