Some who are looking closely at the new Covid19 relief bill put through Congress last week are wondering why Microsoft is getting so much of the money earmarked for cybersecurity in that legislation.
Reuters reports the bill includes $60 million for a “secure cloud platform” to be built under the aegis of the Cybersecurity Infrastructure Security Agency.
Microsoft, write Reuters team Joseph Menn, Christopher Bing, and Raphael Satter, stands to gain one quarter of that money, or $15 million.
Critics are suggesting that after the Solarwinds hack, which affected 100 companies as well as government agencies, and other problems related to its platform, Microsoft should not be getting so much of the federal money allocated for improving cybersecurity.
“If the only solution to a major breach in which hackers exploited a design flaw long ignored by Microsoft is to give Microsoft more money, the government needs to reevaluate its dependence on Microsoft,” Oregon Senator Ron Wyden, a leading Democrat on the intelligence committee, said, according to the Reuters coverage. “The government should not be rewarding a company that sold it insecure software with even bigger government contracts.”
A number of other opinions contradict this sentiment – one has to do with the ubiquity of Microsoft operating systems on personal computers across government, business and personal computing sectors.
Another argument goes like this – shouldn’t the companies that need the most improvement get the most money?
“Modern IT infrastructures are more complex and sophisticated than ever, and the amount of virtual ground that we’ve got to safeguard has also grown exponentially,” says Jesse Rothstein, CTO of online security provider ExtraHop, as quoted in CNBC coverage in 2019. “From mobile to desktop interactions, cybercriminals can launch thousands of digital attacks designed to compromise your operations at every turn, only one of which ever needs to connect to cause serious disruption.”
In addition, Motley Fool reports Microsoft is investing $1 billion in its own cybersecurity initiatives.
So with $1,015,000 in hand for these purposes, what will Microsoft be able to do to close loopholes and vulnerabilities? We’ll see.
