Former senior White House cyber policy director A. J. Grotto talks about the economic incentives for companies to improve their security—in particular, Microsoft:
Grotto told us Microsoft had to be “dragged kicking and screaming” to provide logging capabilities to the government by default, and given the fact the mega-corp banked around $20 billion in revenue from security services last year, the concession was minimal at best.
[…]
“The government needs to focus on encouraging and catalyzing competition,” Grotto said. He believes it also needs to publicly scrutinize Microsoft and make sure everyone knows when it messes up.
“At the end of the day, Microsoft, any company, is going to respond most directly to market incentives,” Grotto told us. “Unless this scrutiny generates changed behavior among its customers who might want to look elsewhere, then the incentives for Microsoft to change are not going to be as strong as they should be.”
Breaking up the tech monopolies is one of the best things we can do for cybersecurity.
More Stories
Another Chrome Vulnerability
Google has patched another Chrome zero-day: On Thursday, Google said an anonymous source notified it of the vulnerability. The vulnerability...
UK Insurance and NCSC Join Forces to Fight Ransomware Payments
UK insurers and the National Cybersecurity Centre release new guidance to discourage ransomware payments by businesses Read More
Black Basta ransomware group’s techniques evolve, as FBI issues new warning in wake of hospital attack
Security agencies in the United States have issued a new warning about the Black Basta ransomware group, in the wake...
How DDR Can Bolster Your Security Posture
The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of...
Hackers Use DNS Tunneling to Scan and Track Victims
Palo Alto Networks warns threat actors are using DNS tunneling techniques to probe for network vulnerabilities Read More
FCC Names and Shames First Robocall Threat Actor
In a first, the FCC has designated “Royal Tiger” as a malicious robocall threat group Read More