Microsoft, Google Among Tech Giants Pledging Big Money to Cybersecurity
Some of the biggest names in tech are promising to spend more than $30 billion to bolster cybersecurity capabilities, from securing the supply chain and expanding the adoption of the zero trust model to growing the talent pool, ramping up security awareness and revamping parts of the National Institute of Standards and Technology (NIST) framework.
Varying Levels of Commitment
The long list of promises and initiatives outlined by the tech giants “is a roster of things and all of the things are very different from one another with different levels of commitment,” Chris Gonsalves, vice president of research at Channelnomics, told eSecurity Planet. Pledges from Apple and Amazon to bolster multi-factor authentication do little to move the needle, Gonsalves said.
However, “a number of the vendors on the list have committed serious dollars to getting people trained,” he said. “We all know that there is a cybersecurity skills gap and there’s a real need for basic skills, for folks to staff SOCs [security operations centers], folks to do really basic vulnerability assessments. To up the ante and to move people into those positions, maybe bringing them from IT administrative jobs into more specialized security demands, that’s important from a technology standpoint.”
The push by some vendors to spend money to drive zero trust and improve the basic level of security in their products is important, though it could be argued they should have been doing that already.
“When Microsoft said, ‘Oh, we’re committed to making our products secure and resilient,’ what are you doing now?” Gonsalves said. “That should be part of their charter already. But for them to throw numbers around in the double-digit billions of dollars shows a real commitment there.”
A key point is the recognition by the government and vendors that industrial control systems (ICS) and tech supply chain require special attention, with NIST amplifying its security framework with a specialization around supply chain security and the government making industrial controls a focus.
“This critical infrastructure, a lot of it is in the hands of the private sector, so it really requires this public-private partnership to do it right,” he said.
By Jeff Burt
Read the entire article, Microsoft, Google Among Tech Giants Pledging Big Money to Cybersecurity, at esecurityplanet.com.