Former senior White House cyber policy director A. J. Grotto talks about the economic incentives for companies to improve their security—in particular, Microsoft:

Grotto told us Microsoft had to be “dragged kicking and screaming” to provide logging capabilities to the government by default, and given the fact the mega-corp banked around $20 billion in revenue from security services last year, the concession was minimal at best.

[…]

“The government needs to focus on encouraging and catalyzing competition,” Grotto said. He believes it also needs to publicly scrutinize Microsoft and make sure everyone knows when it messes up.

“At the end of the day, Microsoft, any company, is going to respond most directly to market incentives,” Grotto told us. “Unless this scrutiny generates changed behavior among its customers who might want to look elsewhere, then the incentives for Microsoft to change are not going to be as strong as they should be.”

Breaking up the tech monopolies is one of the best things we can do for cybersecurity.

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

X.com Automatically Changing Link Text but Not URLs

April 16, 2024 0 Comments 0 tags

Brian Krebs reported that X (formerly known as Twitter) started automatically changing twitter.com links to x.com links. The problem is: (1) it changed any domain name that ended with “twitter.com,”

Three-Quarters of Cyber Incident Victims Are Small Businesses

March 12, 2024 0 Comments 0 tags

Three-quarters of cyber-incidents Sophos responded to involved small businesses in 2023, with attackers’ main goal being data theft

April’s Patch Tuesday Brings Record Number of Fixes

April 9, 2024 0 Comments 0 tags

If only Patch Tuesdays came around infrequently — like total solar eclipse rare — instead of just creeping up on us each month like The Man in the Moon. Although