“Leadership must also come from the C-Suite to positively influence security’s mission in a holistic manner. Security’s goal is to be viewed as a significant business enabler and partner.”

November 5, 2013

“Leadership isabout understanding yourself first, recognizing strengths and weaknesses, and targeting continuous improvement,” says Mike Howard, Chief Security Officer at Microsoft. “It is an attitude and mindset to focus on the team and organizational goals first. Leaders are able to change focus from subject matter expertise to a focus on their team by setting strategic goals, letting go of the details and steering the team through execution.”

Mike’s view and strength in leadership had everything (almost) to do with his becoming the Global CSO at Microsoft. “My wife and I were both in the CIA. After we retired we wanted to be on the West Coast and near family. I connected with a friend who knew a recruiter who was seeking an executive opportunity protecting Bill Gates and Microsoft’s top executives. I spent a year as Director of Executive Protection.” One year later, Mike earned the Global CSO position and took over all of Microsoft Global Security.

One of the most important contacts is a person that Mike considers a mentor. “A former military officer I worked for at CIA gave me the chance at leadership where I was able to do new things and even fail without judgment. But through that process I remained positive and learned.”

During Mike’s time at Microsoft, he has worked to learn and improve his business acumen. “This is such an innovative sector, and it is great to be a part of the cutting edge of technology and to actually be able to touch it, from software to the cloud to communications.

“It is fascinating to watch Microsoft use the technology and do things that are beyond the traditional security technology market. For example, we are driving security product development and generating revenue through our Showcase Program. We leverage our Global Security Operations Center (GSOC), partnering with our Sales Teams, to showcase the Microsoft Technology we employ on a daily basis to enterprise customers. This process has helped our team learn more about the business and deliver better risk management and security to them. We have also been credited with bringing in millions of dollars to the enterprise.”

The very rapid scale and innovation in the information technology sector is challenging from the standpoint of remaining out in front, regarding emerging risks. The requirement to secure research and development is consistently escalating.

“Microsoft is changing from a strictly software company to a Devices and Services Company, which embraces tablets, mobile devices and cloud services,” Howard adds. “The way people get, use and move information is fluid, and we constantly reinvent our security policies and programs to stay ahead.”

In addition to the product set changing dramatically, Microsoft’s geography is ever expanding. The company has new growth initiatives in Asia and Africa. Mike and his team are on point to provide this growing employee workforce with protection and physical security in these regions. The company is now moving into retail arena with products such as the Surface, Windows Phone and Xbox.

“As we expand internationally, our relationships with public/private organizations such as OSAC become vital,” he says. “The competitive landscape is becoming more complex and the ability to deliver risk management and security is paramount.”

The Microsoft Information Risk Management Council (IRMC) includes Mike, the CISO, and the data center and trustworthy computing departments. “The IRMC developed a multi-year, transparent plan to avoid silos and leverage capabilities,” he explains. “The IRMC has gained sponsorship with corporate VPs, legal, internal audit and the new business lines, such as retail, to focus on security issues.” As a result, Microsoft security addresses the business units at an enterprise level to mitigate risks. They leverage resources and deliver a single, comprehensive risk management program.

“Leadership must also come from the C-Suite to positively influence security’s mission in a holistic manner,” Mike says. “Security’s goal is to be viewed as a significant business enabler and partner. We are not just there to break the glass in case of an emergency. Being told that we are seen as strongly integrated into the business’s mission is a great compliment. Security is a true profession and the landscape is changing. Security must be integrated into the core mission of the enterprise and receive a seat at the table.”

The diversity of experience and learning has been great for Mike. “On the management side, I have worked to understand the different business sectors in the company and industry. On the leadership side, I have learned how to manage in the private sector. It has been very rewarding to become a better business leader. The opportunity to participate in the industry, meet and work with peers and learn from others has been great.

Mike is married and has enjoyed martial arts since age 14. Mike, thanks for your service.

Security Scorecard

Annual Revenue: $73.7 Billion

Security Budget: $45 Million

Critical Issues

Expanding Global Footprint (Asia, Africa)
Protection of IP
Supporting New Business Lines (Retail)

Security Mission

Asset Protection/Loss Prevention (for Resale)
Brand/Product
Corporate
Enterprise Resilience
Enterprise Risk Management
Global Security Operations Center
Intelligence Analysis, Communications, Technology, Background Checks,
Showcasing
Investigations
Physical/Asset Protection (Not for Resale)
Workforce Protection

Pandemics, Recessions and Disasters: Insider Threats During Troubling Times

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Industrial Cybersecurity: What Every Food & Bev Executive Needs to Know

ON DEMAND: There's a lot at stake when it comes to cybersecurity. Reputation, productivity, quality. Join us to discuss the future of your global security strategy and a path forward with trusted partners Cisco and Rockwell Automation, and turn your Food & Bev security challenges into strategic advantages that drive business value.

Poll

Who has ownership or primary responsibility of video surveillance at your enterprise?

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Mike Howard: Leading Security Innovation and Business Growth

“Leadership must also come from the C-Suite to positively influence security’s mission in a holistic manner. Security’s goal is to be viewed as a significant business enabler and partner.”

The latest news and information

Content written for business-minded executives who manage enterprise risk and security

Mike Howard: Leading Security Innovation and Business Growth

“Leadership must also come from the C-Suite to positively influence security’s mission in a holistic manner. Security’s goal is to be viewed as a significant business enabler and partner.”

Related Articles

The latest news and information

Content written for business-minded executives who manage enterprise risk and security