Yes, Microsoft is judging your security, and it's very important to be aware of what they think of you.
Microsoft 365, which you're probably using to some extent, has a Secure Score. I'm a fan of simple, and it is a simple and comprehensive metric that tells you how safe your M365 environment is. If you have the right permissions on your system, you can find it here:
Link: Microsoft Secure Score
How to increase it?
The default settings of Microsoft 365 of relatively weak. They do offer some Security Baselines, but those are actually excessive for many organizations at this point. So you do need to fine-tune settings to hit that balance of security and user experience, and here are some things that affect the score, when deployed carefully and correctly:
Patch or remove vulnerable 3rd party software
Turn on Multi-factor Authentication using correct methods. Even better if we deploy Passwordless to complement this
Block international logins
Defender or equivalent antivirus with Endpoint Detection and Response (EDR)
Firewall policies
Microsoft patching
Attack Surface Reduction (ASR) policies
Bitlocker
Optimize email security and spam filtering
etc etc
There is plenty that can be done that users aren't even aware of and therefore aren't inconvenienced by the changes.
If your score is below 50 percent, please contact us to discuss how you can increase it.