Conundrums in cyberspace — exploiting security in the name of, well, security

At Microsoft, establishing and sustaining trust with our customers is essential. If our customers can’t rely on us to protect their data—whether from crooks, mismanagement or excessive government intrusion—they will look elsewhere for a technology provider.   Government access to data is a hot topic. But it’s not new. In fact, our General Counsel, Brad Smith, has addressed the issue in a series of blog posts covering, among other topics, Read more »

Reflections on the 1-year anniversary of critical infrastructure cybersecurity initiatives

Last February, both the United States and the European Union announced major cybersecurity policy initiatives. In the U.S., the Executive Order on Improving Critical Infrastructure Cybersecurity put forward an industry-driven approach to developing a Cybersecurity Framework, and emphasized the role of incentives to encourage use of the Framework. In the EU, the European Commission proposed a draft Network and Information and Security (NIS) Directive that suggested a broader scope and Read more »

New Cyber Security Policies Aim to Improve Critical Infrastructure Protection

It has been an interesting time for those that care about cyber security. Last week, the European Union introduced its formative cybersecurity strategy and draft directive on network and information security to better protect critical systems from security incidents and breaches. Two days ago, the White House released an Executive Order entitled Improving Critical Infrastructure Cybersecurity to drive a concerted effort across departments, agencies and industry to improve the posture Read more »

House Task Force Provides Framework for Legislative Action on Cyber Security

This week, the House Cyber Security Task Force, chaired by Rep. Thornberry, released its recommendations and report to help guide legislative action on cybersecurity. The Task Force recommendations represent another key milestone in our combined private and public sector efforts to address the cybersecurity challenges of the Information Age. [Read more…] Fostering Tag

Microsoft Engages with Industry and Government Leaders at EWI Cybersecurity Summit

Cybersecurity and the overall health of the Internet has become a key concern for governments, enterprises and computer users. As more people, computers and devices come online (there are approximately 2 billion people using the Internet today), cyber threats have grown more sophisticated and cybercriminals have successfully gathered sensitive data, disrupted critical operations or engaged in other illegal activity such as fraud. Governments around the world have expressed concern that Read more »

The Need for Global Collective Defense on the Internet

Posted by Scott CharneyCorporate Vice President, Trustworthy ComputingFor more than two decades, people have struggled to understand the cyber threat, evaluate the risks to individuals, organizations (including nation-states), and society at large, and craft appropriate responses. Although many organizations have invested significantly in information assurance, most computer security experts believe that a well-resourced and persistent adversary will more often than not be successful in attacking systems, especially if raising defenses Read more »

Creating Trust for the Government Cloud

Posted by Scott Charney Corporate Vice President, Trustworthy Computing Today I’m testifying at a hearing of the House Committee on Oversight and Government Reform. The hearing is on the benefits and risks of the federal government’s adoption of cloud computing. Cloud computing in its many forms creates tremendous new opportunities for cost savings, flexibility, scalability and improved computing performance for government, enterprises and citizens. At the same time, it presents Read more »

Cybersecurity Investments for the Information Age

Last summer, I testified before the House Science and Technology Committee’s Subcommittee on Technology and Innovation about the need for government to develop security strategies to address the full spectrum of risks in the Information Age.  Last week, the House passed The Cybersecurity Enhancement Act, H.R. 4061, which represents an important step to better address those risks.  In recognition of the long-term nature of this challenge, the bill appropriately aims Read more »

Constructing an Information Age Model for Federal Cybersecurity

As I blogged last month, the increasing quantity and sophistication of cyber attacks requires a comprehensive and coordinated strategy to secure the nation’s critical infrastructure and sensitive data. Today I had an opportunity to continue the discussion while testifying before a congressional hearing on  “Assessing Cybersecurity Activities at the National Institute of Standards and Technology and the Department of Homeland Security,” convened by the House Subcommittee on Technology and Innovation.   As I explained Read more »

An Important Step in Advancing Cybersecurity

Today I had the privilege of attending an event at the White House where President Barack Obama announced the results of the 60-day cybersecurity review and highlighted the steps the United States Government would be taking to help ensure the security of our nation’s computer networks.  This is an important step in ensuring we have a comprehensive and coordinated national strategy for cybersecurity.  Advances in information technology have revolutionized the way we live and Read more »