Microsoft will now factor employees’ cybersecurity contributions into their performance reviews, influencing their compensation.
The move is part of the company’s commitment to enhancing data protection.
Brad Smith, Microsoft’s vice chair and president, announced this ahead of a US House committee hearing on Thursday, June 13.
The concerns over security were discussed at the meeting.
This initiative is a response to growing concerns about Microsoft’s efforts to safeguard client data.
In April, the Department of Homeland Security issued a report following an independent review of a breach by China.
This compromised US government officials’ email accounts, an incident Microsoft disclosed last year.
The report highlighted shortcomings in Microsoft’s practices, prompting the company to pledge changes.
In his written testimony to the House Committee on Homeland Security, Smith said cybersecurity will become a core priority for employee evaluations.
Starting in the 2025 fiscal year, which begins on July 1, cybersecurity performance will be a key component in the twice-annual reviews for all employees.
For senior executives, one-third of the “individual performance” portion of their bonuses for 202 will be based on their cybersecurity efforts.
This will be assessed by the board’s compensation committee.
A breach by China compromised US government officials’ email accounts
Even in the current fiscal year, which ends on June 30, executives could see their pay influenced by cybersecurity performance.
Need Career Advice? Get employment skills advice at all levels of your career
Smith said: “The Board also decided that for the current fiscal year, the Compensation Committee will explicitly consider each Senior Leadership Team (SLT) member’s cybersecurity performance in its annual performance assessments.”
He also noted that the Board could exercise downward discretion on compensation based on cybersecurity performance.
Last month, Charlie Bell, Microsoft’s executive vice president for security, announced senior executives’ pay would partly depend on the company’s progress in achieving cybersecurity goals.
The House committee hearing, which will delve into Microsoft’s security practices, begins at 1:15 p.m. ET on Thursday and will be livestreamed on YouTube.
