News

After Biden Meeting, Microsoft Commits $20 Billion for Cybersecurity

Microsoft has joined other tech giants in pledging to ramp up their cybersecurity efforts, the result of a meeting this week with the Biden administration.

Following an Aug. 25 White House meeting, Microsoft pledged to "invest $20 billion over the next 5 years" on its cybersecurity efforts. The company also presently is offering "$150 million in technical services to help federal, state, and local governments with upgrading security protection." Microsoft is partnering with colleges and nonprofits, too, on cybersecurity training.

Satya Nadella, Microsoft's CEO, affirmed the $20 billion figure in low-key LinkedIn and Twitter posts.

In 2018, Microsoft had made a big splash in announcing a $5 billion investment in Internet of Things security, but this week's announcement was more toned-down. Microsoft did use the occasion, though, to tout its Azure security products for federal agencies, suggesting they could meet White House executive order requirements.

The meeting at the White House follows the Biden administration's May executive order aiming to muster cybersecurity efforts following the SolarWinds supply-chain attack, "Hafnium" advanced persistent threat group attacks on Exchange Server, plus the ransomware attack on Colonial Pipeline's IT operations.

In July, the Biden administration announced further actions to protect critical U.S. infrastructure, much of which is voluntary for infrastructure owners and operators. That announcement acknowledged that critical U.S. infrastructure "is largely owned and operated by the private sector." 

Other company pledges announced at the meeting included:

  • Google's $10 billion investment over five years to "expand zero-trust programs, help secure the software supply chain, and enhance open-source security," while also offering digital skills certifications.
  • IBM promising cybersecurity training to 150,000 people over the next three years in partnership with Black colleges and universities.
  • Apple establishing continuous security improvements for the technology supply chain, working with its suppliers to adopt "multi-factor authentication, security training, vulnerability remediation, event logging, and incident response."
  • Amazon promising to go public with its security awareness training used by employees, plus offering "a multi-factor authentication device" to Amazon Web Services customers at no added cost.

The announcement also listed pledges from insurance companies and educational institutions.

In addition, the National Institute of Standards and Technology (NIST) pledged to collaborate with industry on securing the technology supply chain and building secure software, including open source software.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Microsoft Touts $39.8B in Returns During Annual Shareholders Meeting

    Microsoft has released the results of its Annual Shareholder Meeting, bringing in a new board member, financial stats and vision, plus down votes on most social proposals.

  • Cloud Honeypots Planted by Researchers Compromised in Minutes

    Palo Alto Networks researchers who deployed hundreds of honeypots packed with cloud service apps were shocked at how quickly they were compromised.

  • Microsoft Teams Users Receiving Loop Components

    Microsoft Loop components are starting to become available to Microsoft 365 "commercial customers" using Microsoft Teams, the company announced on Tuesday.

  • Microsoft Outlines upcoming 'Teams Phone with Calling Plan'

    Organizations wanting to use Microsoft Teams for phone calls will have some new option, starting in January.