Air Force Orders To Microsoft: Improve Security - InformationWeek
03:30 PM
Ransomware: Latest Developments & How to Defend Against Them
Nov 01, 2017
Ransomware is one of the fastest growing types of malware, and new breeds that escalate quickly ar ...Read More>>

Air Force Orders To Microsoft: Improve Security

The Air Force's CIO wants to see its largest supplier--and other vendors--make greater inroads on the security front.

As if Microsoft didn't have enough trouble with the government. Now an Air Force CIO is taking the vendor--and its competitors, too--to task, saying they need to step up their efforts to establish improved security standards.

Coding errors in commercially developed software account for roughly 80% of successful system intrusions, says Air Force CIO John Gilligan. And hacks today may be aimed at causing more than bottom-line damage. "This is no longer an economic issue. This is clearly a national security issue," Gilligan says.

The cost and energy the Air Force is expending on dealing with coding flaws that are found almost every day, and which could create opportunities for hackers, is taking its toll. It's "rising very fast--approaching the point where we're spending more money to find, patch, and fix vulnerabilities than we paid for the software," he says.

Microsoft doesn't necessarily have worse design problems than other vendors the Air Force buys products from, such as Cisco Systems and Oracle, but it's the largest IT supplier for the Air Force. So "they have the opportunity to show leadership in the industry," Gilligan says. Microsoft has helped set the right tone with Bill Gates' internal memo advocating "trustworthy computing, but the key will be, what's the follow through?"

Gilligan wants other IT industry leaders to take a proactive role, too; he says he'd rather avoid having the government get involved in security standards. The government "recognizes it's not efficient in this arena," he says. "We could develop standards, but it would take us longer and it might not match well with what's reasonable for industry."

Gilligan met last fall with Microsoft's Rick Belluzzo and Howard Schmidt (now vice chairman of the federal Critical Infrastructure Protection Board) to discuss mounting security problems. The Air Force has instituted more rapid processes for patching, but it's no easy task to manage 400,000 desktops running Microsoft software. "We're not leaving Microsoft in a week or six months," says Gilligan. But if the company doesn't improve, the Air Force, with roughly a $6 billion IT budget, will weigh other software options. "Even though Microsoft may have good functionality in products and the purchase price may be reasonable, the overall life-cycle cost and vulnerability may cause us to look at other products."

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll