WASHINGTON — Microsoft CEO Steve Ballmer kicked off a national 20-city “Security Summit” tour by the Redmond giant with a nod to the company’s new alliance with Sun Microsystems
and a poke at Linux distributor Red Hat
.
Ballmer told a packed luncheon event hosted by the Business Software Alliance and the Center for Strategic and International Studies that cyber security is not really about any single technology, computing platform or company.
“Our products are often the prime target for cyber criminals. Yet, it’s
bigger than any single company,” Ballmer said. “From IBM to our new partners
at Sun, from AOL to Cisco, we all have a responsibility to move quickly and
aggressively to develop technology that does more to help consumers protect
their computers and their networks.
The reference to Sun drew a round of laughs from the
crowd as the two long-time bitter rivals only last week resolved their
patent and antitrust issues over Java, with Microsoft agreeing to
pay Sun nearly $2 billion as part of the settlement.
Citing a new research report that raised issues about security among open source operating systems, Ballmer called security vulnerabilities an industry-wide issue.
“There’s a new study by the analyst firm Forrester Research
that shows that between the years 2002 and 2003, nearly twice as many
security flaws were actually found in Red Hat Linux as in Windows,” he said.
“I don’t care if it’s our product or a competitive product, we all need to
work to limit the vulnerability in these software products.”
Gags and jabs out of the way, Ballmer then stuck to similar themes about security outlined by Microsoft Chairman and Chief Architect Bill Gates last month.
“You need only imagine the impact of a truly concerted assault on the IP
operations of nation’s critical infrastructure — the electric utilities,
water, financial systems, transportation, health systems, just to name a
few,” Ballmer said. “The kinds of attacks we’ve seen that have these kind
of crazy names like Blaster, SoBig and MyDoom — once unimaginable — are
the kinds of crimes we need to both anticipate and act against.”
Calling for software code that is engineered with security in mind, Ballmer
said, “Code needs to be written with the assumption it will come under
attack. Yet, software engineers right out of university often have very
little knowledge of how to write code that is secure.”
To that end, Microsoft is hosting a series 20 free events aimed at IT
professionals and developers to promote cooperation in software security
practices. Each seminar will be taught by by Microsoft security professionals
and is designed to provide information and free tools to fight current and
future security challenges.
“Everyone in the IP industry is used to competing hard. But on cyber
security, we know we have to come together and cooperate in varied ways on
this industry-wide and international problem,” Ballmer said.
Ballmer also said the government must play a role in cyber security by
collaborating with industry and academia on basic security research and
“help us drive cyber security awareness among consumers.”
Just as importantly, he said, government must crack down on hackers.
“Governments need to implement a criminal justice system that will deter
hackers,” Ballmer said.