News

After Biden Meeting, Microsoft Commits $20 Billion for Cybersecurity

Microsoft has joined other tech giants in pledging to ramp up their cybersecurity efforts, the result of a meeting this week with the Biden administration.

Following an Aug. 25 White House meeting, Microsoft pledged to "invest $20 billion over the next 5 years" on its cybersecurity efforts. The company also presently is offering "$150 million in technical services to help federal, state, and local governments with upgrading security protection." Microsoft is partnering with colleges and nonprofits, too, on cybersecurity training.

Satya Nadella, Microsoft's CEO, affirmed the $20 billion figure in low-key LinkedIn and Twitter posts.

In 2018, Microsoft had made a big splash in announcing a $5 billion investment in Internet of Things security, but this week's announcement was more toned-down. Microsoft did use the occasion, though, to tout its Azure security products for federal agencies, suggesting they could meet White House executive order requirements.

The meeting at the White House follows the Biden administration's May executive order aiming to muster cybersecurity efforts following the SolarWinds supply-chain attack, "Hafnium" advanced persistent threat group attacks on Exchange Server, plus the ransomware attack on Colonial Pipeline's IT operations.

In July, the Biden administration announced further actions to protect critical U.S. infrastructure, much of which is voluntary for infrastructure owners and operators. That announcement acknowledged that critical U.S. infrastructure "is largely owned and operated by the private sector." 

Other company pledges announced at the meeting included:

  • Google's $10 billion investment over five years to "expand zero-trust programs, help secure the software supply chain, and enhance open-source security," while also offering digital skills certifications.
  • IBM promising cybersecurity training to 150,000 people over the next three years in partnership with Black colleges and universities.
  • Apple establishing continuous security improvements for the technology supply chain, working with its suppliers to adopt "multi-factor authentication, security training, vulnerability remediation, event logging, and incident response."
  • Amazon promising to go public with its security awareness training used by employees, plus offering "a multi-factor authentication device" to Amazon Web Services customers at no added cost.

The announcement also listed pledges from insurance companies and educational institutions.

In addition, the National Institute of Standards and Technology (NIST) pledged to collaborate with industry on securing the technology supply chain and building secure software, including open source software.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Red Brick Graphic

    Microsoft To Pour Millions into Partner Incentives, Azure and Security in FY2025

    Microsoft's inaugural MCAPS Start for Partners event took place this week, marking the beginning of its fiscal 2025.

  • New Microsoft Security Releases Aim To Smooth the Road to Zero Trust

    IT teams often juggle multiple tools to monitor and maintain the security of their environments. Two new products released by Microsoft this week aim to consolidate their toolboxes and help organizations achieve zero trust faster.

  • Antitrust Worries Hound Microsoft Off OpenAI's Board: Report

    In a move likely meant to assuage antitrust regulators' concerns, Microsoft on Wednesday stepped down from its role as a non-voting OpenAI board member.

  • Image of a futuristic maze

    The 2024 Microsoft Product Roadmap

    Everything Microsoft partners and IT pros need to know about major Microsoft product milestones this year.