Microsoft, Facebook Lead Cybersecurity Tech Accord Initiative
Microsoft, Facebook Lead Cybersecurity Tech Accord Initiative
Microsoft and Facebook are leading an initiative to improve the “security, stability and resilience of cyberspace” — as well as to aid any country that falls victim to cyberattacks.
The companies call the initiative Cybersecurity Tech Accord. The agreement, announced Tuesday and signed by more than 30 companies, including Cisco, Dell, HP, Nielsen, Nokia, Oracle and others, comes as U.S. and U.K. intelligence agencies issued a joint warning about Russian cyberattacks on the internet infrastructure.
The infrastructure covers banking, healthcare, shopping, online search, cloud services for advertisers and more.
“We called on the world to borrow a page from history in the form of a Digital Geneva Convention, a long-term goal of updating international law to protect people in times of peace from malicious cyberattacks,” wrote Brad Smith, president at Microsoft, in a blog post. “But as we also said at RSA last year, the first step in creating a safer internet must come from our own industry, the enterprises that create and operate the world’s online technologies and infrastructure.”
Some of the biggest names in tech advertising — Apple, Amazon, and Google — are not present in the accord. Ironically, Apple and Google have traditionally taken a stance to protect consumer data, especially when government entities require it for law enforcement.
The companies that signed the accord made commitments to make a stronger defense against cyberattacks, protecting all consumers globally regardless of the motivation for the online attacks. The companies also pledge to help developers use their technology to protect companies, which may include working on new security practices and features.
The goal is to work together in order to establish partnerships with the industry, civil society and security researchers to improve technical collaboration, coordinate vulnerability disclosures, share threats and minimize the potential for malicious code to be introduced into cyberspace.
It also means not helping governments that launch cyberattacks and protect against tampering or exploiting their products and services through technology development, design and distribution.
(25)