Security News > 2024 > April > Microsoft and Security Incentives
Grotto told us Microsoft had to be "Dragged kicking and screaming" to provide logging capabilities to the government by default, and given the fact the mega-corp banked around $20 billion in revenue from security services last year, the concession was minimal at best.
"The government needs to focus on encouraging and catalyzing competition," Grotto said.
He believes it also needs to publicly scrutinize Microsoft and make sure everyone knows when it messes up.
"At the end of the day, Microsoft, any company, is going to respond most directly to market incentives," Grotto told us.
"Unless this scrutiny generates changed behavior among its customers who might want to look elsewhere, then the incentives for Microsoft to change are not going to be as strong as they should be."
Breaking up the tech monopolies is one of the best things we can do for cybersecurity.
News URL
https://www.schneier.com/blog/archives/2024/04/microsoft-and-security-incentives.html
Related news
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- AI agents swarm Microsoft Security Copilot (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz (source)
- Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (source)