The Three Ghosts of Microsoft Security

Wednesday 8th October 2008, 7:00 pm

Speaker: Stephen Lamb, Microsoft UK

Venue: The Royal Scots Club Hepburn Suite, 30 Abercromby Place, Edinburgh EH3 6QE - map and direction.

This is joint meeting with the IET Scotland South East Network. The IET request that you register for this talk by clicking here.

This talk is free of charge. Refreshments available from 6:30 pm.


Features, functions and flashing lights - that's what the majority of developers focussed upon. Certainly there were those who wrote security features, but the vast majority of Microsoft developers devoted most of their time to meeting the needs dictated by the functional specification. Windows and Office became some of the most hacked and exploited software on the planet.

This all changed four years ago when Bill issued his memo kicking off "Trustworthy Computing", dictating that Security was "job one". A huge cultural change ensued, including all development being halted while everyone underwent appropriate security training. Microsoft's Security Development Lifecycle was born and with it a significant change to the way each of us worked. Secure by default, design and deployment became the mantra for Microsoft software. Hackers have now shifted their primary focus towards third party applications to discover bugs and security weaknesses that they can exploit.

What is the future for Microsoft security? How will we ensure that we continue to lead the way in eradicating vulnerabilities whilst maintaining ease of use and functionality that excites our customers? What new threats lie around the corner? What can we expect from security in "Windows 7"?

In this talk Stephen will take us through the history of Microsoft security, bringing us up to date on where Microsoft is at today and point out the direction of security improvements coming down the pipeline. He will also discuss how Microsoft responds to security incidents and explain the process to release updates and patches to fix vulnerabilities. Come along to hear why Microsoft software is now some of the most secure on the planet.

About the speaker


Stephen Lamb is passionate about helping people to make the most of technology to improve the quality of their lives. He has been specialised in information security technologies focussing on doing more with less risk. Stephen has worked for Microsoft in the UK for the last six years as a technical security advisor. He is particularly interested in helping business transform both their cultures and adoption of technology to reduce their impact on the environment and enable flexible working practises.

Stephen writes most days on his blog which is located at where he shares ideas, raises the profile of other people's thoughts and actively listens for feedback.

Stephen enjoys observing the social aspects of the way people use technology and works with others to encourage IT Professionals, Developers and software Architects to innovate solutions that are effective for everyday folk.

Outside work Stephen is a keen Climber, Diver, Snowboarder, Windsurfer, Freestyle Kayaker, Skateboarder and is into most things that go fast and/or involve water!