Merge pull request #311755 from msmbaldwin/update-mcsb-v2-refs

Update MCSB references to v2 and add SFI links

Author: prmerger-automator[bot]

articles/security/fundamentals/best-practices-and-patterns.md

@@ -55,3 +55,16 @@ The [Microsoft cloud security benchmark (MCSB)](/security/benchmark/azure/introd
 - **Assess AI workloads**: Review the new Artificial Intelligence Security controls in Microsoft Cloud Security Benchmark v2 (preview) if deploying AI/ML workloads to ensure proper platform, application, and monitoring security
 
 For a complete collection of high-impact security recommendations, see the [Microsoft cloud security benchmark](/security/benchmark/azure/introduction).
+
+### Microsoft Secure Future Initiative (SFI)
+
+The [Microsoft Secure Future Initiative (SFI)](/security/zero-trust/sfi/secure-future-initiative-overview) is a multiyear initiative that advances the way Microsoft designs, builds, tests, and operates its technology. SFI provides security best practices based on six engineering pillars aligned with Zero Trust principles and the NIST Cybersecurity Framework 2.0:
+
+- **Protect identities and secrets**: Phishing-resistant MFA, managed identities, and centralized secrets management
+- **Protect tenants and isolate systems**: Strong tenant isolation and configuration governance
+- **Protect networks**: Granular network segmentation and identity-aware connectivity
+- **Protect engineering systems**: Secure software development lifecycle and supply chain protection
+- **Monitor and detect threats**: Unified telemetry and threat analytics
+- **Accelerate response and remediation**: Automated incident response and continuous learning
+
+For guidance on adopting SFI best practices in your organization, see [Adopt Secure Future Initiative best practices](/security/zero-trust/sfi/secure-future-initiative-adoption).

articles/security/fundamentals/customer-lockbox-overview.md

@@ -151,7 +151,7 @@ Customer Lockbox request history, please use the Activity Log for subscription-s
 
 ## Customer Lockbox for Microsoft Azure integration with the Microsoft cloud security benchmark
 
-We introduced a new baseline control ([PA-8: Determine access process for cloud provider support](/security/benchmark/azure/mcsb-privileged-access#pa-8-determine-access-process-for-cloud-provider-support)) in the Microsoft cloud security benchmark that covers Customer Lockbox applicability. Customers can now use the benchmark to review Customer Lockbox applicability for a service.
+We introduced a new baseline control ([PA-8: Determine access process for cloud provider support](/security/benchmark/azure/mcsb-v2-privileged-access#pa-8-determine-access-process-for-cloud-provider-support)) in the Microsoft cloud security benchmark that covers Customer Lockbox applicability. Customers can now use the benchmark to review Customer Lockbox applicability for a service.
 
 ## Exclusions