San Francisco, California - Today, on April 17, Microsoft officially announced the Cybersecurity Tech Accord. This has been a long time coming. At last year’s RSA Conference in San Francisco, Microsoft called for “bold new measures” in the fight to defend an open, free and secure internet. Amid an exponential increase in cybercrime, including the likes of Petya, WannaCry and NotPetya, Microsoft felt it was time to create an accord aimed at protecting technology users the world over.
Per a blog post on Microsoft.com: “We recognized that supporting an open, free and secure internet is not just the responsibility of individual companies, like ourselves, but a responsibility that must be shared across the entire tech sector and with governments.”
The result was the Cybersecurity Tech Accord, an agreement that Microsoft and its partners view as a kind of Digital Geneva Convention, that is a long-term goal to update international law to help safeguard people from cyber attacks and data theft. In Microsoft’s eyes, the first step towards a more secure internet needed to be made by the tech industry itself, including its largest and most prominent enterprises.
Today, as the 2018 RSA conference begins, 34 companies have signed on to the Cybersecurity Tech Accord.
The Cybersecurity Tech Accord – Guided by Four Principles
At the heart of the Tech Accord are four principles aimed at advancing online security and resiliency across the globe. They are:
- To protect users and customers everywhere
- To oppose cyberattacks on innocent citizens and enterprises
- To empower users, customers and developers to strengthen cybersecurity
- To partner with each other and like-minded groups to enhance cybersecurity
A press release issued on the Cyber Tech Accord’s official website offers some greater insight into the principles. Essentially, the participating organizations have agreed to work towards stronger cyber defenses, improving the capacity for individuals and businesses to protect themselves, working together to improve technical collaboration, and fourth: No offense.
The companies will not help governments launch cyberattacks against innocent citizens and enterprises, and will protect against tampering or exploitation of their products and services through every stage of technology development, design and distribution.
This last principle, “no offense,” probably explains why Google is not on the list. Google’s employees are currently petitioning its leadership to end participation in work with the Pentagon, which is using the tech giant’s AI technology to enhance drone targeting.
Who is Participating in the Cybersecurity Tech Accord?
While Microsoft expects more companies to sign on to the Cybersecurity Tech Accord in the future, as of today’s announcement there are 34 organizations participating. They are:
- CA Technologies
- HP Inc.
- Juniper Networks
- Trend Micro
Surprisingly, there is very little representation from the SSL or Digital Certificate industry. Symantec is signed on, but that’s not the Symantec CA – of which DigiCert is now the majority owner – it’s Symantec proper, which is behind the Norton antivirus products and its other security offerings. DigiCert, Comodo, Let’s Encrypt, Entrust, AWS and the majority of the other trusted CAs are no where to be found.
Hopefully that changes soon.
For now, this is a great first step and it comes at a time when cybersecurity and data privacy are at the forefront of our attention. We are now less than 40 days from the EU’s General Data Protection Regulation coming into effect, Facebook just answered to congress for its role in the Cambridge Analytica leak and people are over the world are acutely aware of the fact that their personal information has likely been spread across the internet by now.
Hopefully the Cybersecurity Tech Accord can offer tech users all over the world a little peace of mind.
Protecting our online environment is in everyone’s interest. The companies that are part of the Cybersecurity Tech Accord promise to defend and advance technology’s benefits for society. And we commit to act responsibly, to protect and empower our users and customers, and help create a safer and more secure online world.
Sounds great, now let’s see how it goes.