RealTime IT News

Ballmer Leads Off Security Road Show

WASHINGTON -- Microsoft CEO Steve Ballmer kicked off a national 20-city "Security Summit" tour by the Redmond giant with a nod to the company's new alliance with Sun Microsystems and a poke at Linux distributor Red Hat .

Ballmer told a packed luncheon event hosted by the Business Software Alliance and the Center for Strategic and International Studies that cyber security is not really about any single technology, computing platform or company.

"Our products are often the prime target for cyber criminals. Yet, it's bigger than any single company," Ballmer said. "From IBM to our new partners at Sun, from AOL to Cisco, we all have a responsibility to move quickly and aggressively to develop technology that does more to help consumers protect their computers and their networks.

The reference to Sun drew a round of laughs from the crowd as the two long-time bitter rivals only last week resolved their patent and antitrust issues over Java, with Microsoft agreeing to pay Sun nearly $2 billion as part of the settlement.

Citing a new research report that raised issues about security among open source operating systems, Ballmer called security vulnerabilities an industry-wide issue.

"There's a new study by the analyst firm Forrester Research that shows that between the years 2002 and 2003, nearly twice as many security flaws were actually found in Red Hat Linux as in Windows," he said. "I don't care if it's our product or a competitive product, we all need to work to limit the vulnerability in these software products."

Gags and jabs out of the way, Ballmer then stuck to similar themes about security outlined by Microsoft Chairman and Chief Architect Bill Gates last month.

"You need only imagine the impact of a truly concerted assault on the IP operations of nation's critical infrastructure -- the electric utilities, water, financial systems, transportation, health systems, just to name a few," Ballmer said. "The kinds of attacks we've seen that have these kind of crazy names like Blaster, SoBig and MyDoom -- once unimaginable -- are the kinds of crimes we need to both anticipate and act against."

Calling for software code that is engineered with security in mind, Ballmer said, "Code needs to be written with the assumption it will come under attack. Yet, software engineers right out of university often have very little knowledge of how to write code that is secure."

To that end, Microsoft is hosting a series 20 free events aimed at IT professionals and developers to promote cooperation in software security practices. Each seminar will be taught by by Microsoft security professionals and is designed to provide information and free tools to fight current and future security challenges.

"Everyone in the IP industry is used to competing hard. But on cyber security, we know we have to come together and cooperate in varied ways on this industry-wide and international problem," Ballmer said.

Ballmer also said the government must play a role in cyber security by collaborating with industry and academia on basic security research and "help us drive cyber security awareness among consumers."

Just as importantly, he said, government must crack down on hackers.

"Governments need to implement a criminal justice system that will deter hackers," Ballmer said.