How will the security strength be monitored for sufficiency?

We do this through so-called pen

We do this through so-called pen. Testing, security by design and going along with all Microsoft improvements that are implemented on the Azure platform