REDMOND, Wash. >> Microsoft was once the epitome of everything wrong with security in technology. Its products were so infested with vulnerabilities that the company’s co-founder, Bill Gates, once ordered all of Microsoft engineers to stop writing new code for a month and focus on fixing the bugs in software they had already built.

But in recent years, Microsoft has cleaned up its act, even impressing security specialists like Mikko Hypponen, the chief research officer for F-Secure, a Finnish security company, who used to cringe at Microsoft’s practices.

"They’ve changed themselves from worst in class to the best in class," Hypponen said. "The change is complete. They started taking security very seriously."

On Tuesday, Microsoft’s chief executive, Satya Nadella, plans to deliver a speech to government technology workers in Washington about the importance of security in the technology business and how Microsoft has evolved to confront that threat. He plans to point out that most companies will probably be breached at some point.

Nadella, in a phone interview, said he intended to lay out how Microsoft products make it harder for hackers to compromise PCs, and how the company has eliminated the corporate divisions that separated security managers from each other to improve how threat information is shared.

"It’s kind of like going to the gym every day," Nadella said. "You can’t say I’m serious about security without exercising the regimen of keeping security top of mind every second, every hour of the day."

Soon after he became Microsoft’s chief executive in February of 2014, Nadella instituted a monthly meeting with security leaders from across the company. He also altered how Microsoft watched the Internet for hacker attacks, an effort that had been splintered among different product groups and other divisions within the company.

Talking about security was long taboo in the technology industry. But in recent years, it has become a marketing tool. Microsoft estimates that it now spends more than $1 billion a year on security-related initiatives. It acquired three security startups in the last year alone, and the number of security employees at the company increased 20 percent during that time.

© 2015 The New York Times Company