Security News > 2024 > April > Microsoft and Security Incentives
Grotto told us Microsoft had to be "Dragged kicking and screaming" to provide logging capabilities to the government by default, and given the fact the mega-corp banked around $20 billion in revenue from security services last year, the concession was minimal at best.
"The government needs to focus on encouraging and catalyzing competition," Grotto said.
He believes it also needs to publicly scrutinize Microsoft and make sure everyone knows when it messes up.
"At the end of the day, Microsoft, any company, is going to respond most directly to market incentives," Grotto told us.
"Unless this scrutiny generates changed behavior among its customers who might want to look elsewhere, then the incentives for Microsoft to change are not going to be as strong as they should be."
Breaking up the tech monopolies is one of the best things we can do for cybersecurity.
News URL
https://www.schneier.com/blog/archives/2024/04/microsoft-and-security-incentives.html
Related news
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Microsoft announces new and improved Windows 11 security features (source)
- Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity (source)
- Security? We've heard of it: How Microsoft plans to better defend Windows (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)