Microsoft backs FBI cybersecurity drive targeting basic security failures
Nine-week Operation Winter SHIELD focuses on implementing known controls rather than awareness campaigns
Microsoft is supporting Operation Winter SHIELD, a nine-week cybersecurity initiative led by the FBI that begins on 2 February.
The effort focuses on implementing known security controls rather than on awareness or education, and Microsoft will provide implementation resources and guidance on controls including Baseline Security Mode.
Investigative perspectives from the FBI and Microsoft show repeated failures in basic security: stolen credentials still work, legacy authentication remains enabled, end-of-life systems stay connected and misconfigurations persist.
Sherrod DeGrippo, deputy chief information security officer and general manager of customer security at Microsoft, said organisations needed to move from knowing to doing.
Microsoft said Baseline Security Mode blocks legacy authentication paths, requires phish-resistant multifactor authentication for administrators, surfaces unsupported systems and enforces least-privilege access.
Related reading
- Department of Education and Microsoft expand AI partnership in schools
- Microsoft updates Secure Development Lifecycle to tackle AI-specific threats
- Thales launches AI Security Fabric
Starting the week of 2 February, the initiative will focus each week on one high-impact control area and provide practical guidance, technical resources and examples to help organisations move from guidance to enforced guardrails.
The programme represents a shift from traditional awareness campaigns towards practical implementation of security measures that are already well understood but often not deployed.
The Recap
- Microsoft is supporting a nine-week FBI-led security initiative.
- Baseline Security Mode blocks legacy authentication and enforces least-privilege.
- Weekly guidance begins the week of 2 February.
