Information Security

Thoughts & Experiences from Todd Kutzke

June, 2009

Blog - About

About Information Security

About Me

Last Update: April 20, 2009

I am Todd Kutzke, Senior Director of Information Security (InfoSec) at Microsoft. My role is to manage Microsoft’s information security risk. I make it my priority to protect Microsoft. Our mission is to enable secure & reliable business for Microsoft and our customers. Every day, I’m challenged to make trade off decisions between security and performance. This blog is a place where I’ll share with you what I’ve learned in the process and the challenges we face in information security.

You could say security found me. When I joined Microsoft about 10 years ago in 1999, growing demands for security and privacy programs as well performance services opened an opportunity for me to build a team from the ground up. This was the beginning of the ACE (Assessment, Consulting & Engineering) Team. We first formed the ACE Performance team focusing on providing performance services to internal Microsoft. In 2001, we then naturally progressed to form the ACE Security team to support our security and privacy programs which encompassed security assessment, compliance to governance. In 2004 we were given the great opportunity to offer our internal Microsoft security services to external Microsoft customers through Microsoft Consulting Services. This formed the ACE Services team. In 2008, my team expanded again and became a part of Microsoft IT’s Information Security group.

We continue to provide Microsoft customers with the best in Microsoft IT, IP and services globally.


Personal Philosophy:

“Do what you say you will do.”

  • Information Security

    From Hyderabad: Teamwork

    I had a chance to play Cricket with the InfoSec India team this week. It was a great blast and it helped me frame an example I like to use to promote team work. Cricket, like a lot of sports, has many different roles that come together to make up a team...
  • Information Security

    Rethinking Information Security: Align vs. Govern

    There is little doubt that information is fast becoming ubiquitous. In its digital form, you can have access to information over your desktop PC at home or work, your mobile laptop, your phone or even your entertainment system in your living room. The...
  • Information Security

    Announcing SDL-LOB

    I’m very excited to announce the recently released SDL-LOB. You can read more here and be sure to check back regularly on as we will be highlighting various aspects of SDL-LOB. -Todd
  • Information Security

    Information Security in India

    Next week I’m going to be in India to visit our team in Hyderabad. Outside of Redmond, USA, Hyderabad is our largest presence that makes up about 20% of our overall globally distributed Information Security team. It’s always a blast for me to visit India...
  • Information Security

    From Hyderabad: Local Leadership

    I arrived in Hyderabad earlier this week and am underway meeting with the team members here. As I mentioned in the previous post , we realized early on how important it was to the overall success of InfoSec that we have presence in India. After we started...
  • Information Security

    From Hyderabad: Over The Weekend

    Over the weekend, I had an opportunity to visit a few orphanages around Hyderabad. It’s an incredibly humbling experience. A little while back, I read a fantastic book titled “ Three Cups of Tea ” which really gets you thinking about the importance of...
  • Information Security

    Beautiful Security

    Mark Curphey , who also leads our Information Security Tools team , contributed a chapter in a security book that was recently released. It’s a great book and you can get his chapter online for free… read more here . -Todd
Page 1 of 1 (7 items)