Security News > 2024 > April > Microsoft and Security Incentives
Grotto told us Microsoft had to be "Dragged kicking and screaming" to provide logging capabilities to the government by default, and given the fact the mega-corp banked around $20 billion in revenue from security services last year, the concession was minimal at best.
"The government needs to focus on encouraging and catalyzing competition," Grotto said.
He believes it also needs to publicly scrutinize Microsoft and make sure everyone knows when it messes up.
"At the end of the day, Microsoft, any company, is going to respond most directly to market incentives," Grotto told us.
"Unless this scrutiny generates changed behavior among its customers who might want to look elsewhere, then the incentives for Microsoft to change are not going to be as strong as they should be."
Breaking up the tech monopolies is one of the best things we can do for cybersecurity.
News URL
https://www.schneier.com/blog/archives/2024/04/microsoft-and-security-incentives.html
Related news
- Microsoft's Brad Smith summoned by Homeland Security committee over 'cascade' of infosec failures (source)
- Google takes shots at Microsoft for shoddy security record with enterprise apps (source)
- Azure Service Tags tagged as security risk, Microsoft disagrees (source)
- Microsoft shows venerable and vulnerable NTLM security protocol the door (source)
- Microsoft delays Windows Recall amid privacy and security concerns (source)
- Microsoft Delays AI-Powered Recall Feature for Copilot+ PCs Amid Security Concerns (source)
- Microsoft delays Windows Recall rollout, more security testing needed (source)
- Microsoft answered Congress' questions on security. Now the White House needs to act (source)
- Microsoft: New Outlook security changes coming to personal accounts (source)