I am saddened to see that changes to the trustworthy computing group within Microsoft. I have dealt with them for many years, first within the UK Government as the Government CIO and now at Huawei. Scott Charney and the team (some who have, over time, gone to pastures new) have developed a world class reputation for excellence in security.
They have been at the forefront of methodologies such as SDL, worked tirelessly to expand other technology vendor and user’s knowledge whilst at the same time dramatically improving the security quality of the Microsoft products.
I can see no real advantage to Microsoft changing this setup. I do not buy the “imbed within the product team argument” because that was already the process and model at Microsoft. What this change does is to take away the focal point for security and instead scatter responsibility. It says to me the new CEO has no or little interest in security. If that is the case then he can kiss goodbye to his cloud first strategy.
My advice, be brave, put it back together again, rather than destroy, reinvigorate the success story and continue to drive TwC to be a strong foundation on which Microsoft products and services are built.