Skip to content

Microsoft Secure

Fast moving car trail in city at night

How public-private partnerships can combat cyber adversaries

For several years now, policymakers and practitioners from governments, CERTs, and the security industry have been speaking about the importance of public-private partnerships as an essential part of combating cyber threats. It is impossible to attend a security conference without a keynote presenter talking about it. In fact, these conferences increasingly include sessions or entire...

Read more

Network servers highway

Microsoft and Progeny Systems enhance security for mobile applications across U.S. Government

In our mobile-first, cloud-first world, security is paramount for organizations of any size. It is especially critical to applications used across the U.S. Government, which is why we are working with the Department of Homeland Security (DHS) Science and Technology Directorate and Progeny Systems to enhance mobile application security. In support of the broader federal...

Read more

Latin America is stepping up to the plate in cybersecurity policy

A year ago Inter-American Development Bank (IDB) and the Organization of American States (OAS) asked themselves a question about cybersecurity: “Are We Ready in Latin America and the Caribbean?”. The conclusion of their 200 page report was essentially “No”, raising an alarm about Latin America’s critical situation in the cybersecurity arena. The report showed that...

Read more

What are Confidence building measures (CBMs) and how can they improve cybersecurity?

Cyberspace security is too often viewed through a prism of technological terms and concepts. In my experience, even supposedly non-technical discussions of cyberspace quickly devolve into heated debates about “vulnerability coordination”, “the latest malware”, “the best analytical tools”, “threat information sharing”, and so on. While these are interesting and important topics, it is ultimately people...

Read more

Cybercrime and freedom of speech – A counterproductive entanglement

This post is authored by Gene Burrus, Assistant General Counsel. As cybercrime becomes ever more pervasive, the need for states to devote law enforcement resources to battling the problem is apparent. However, states should beware using cybercrime legislation and enforcement resources as a vehicle for restricting speech or controlling content. Doing so risks complicating essential international...

Read more

Cross-border cooperation: The road to a more stable and secure Internet

Australia and China have recently agreed to strengthen their bilateral cooperation in cybersecurity. Cooperation between states on cybersecurity is essential in order to combat cross-border cybercrime and to reduce the risks of inter-state cyberwar. Bilateral cybersecurity agreements between states can help build that cooperation. The real goal, however, should be to achieve multi-lateral consensus and...

Read more

NIST Cybersecurity Framework: Building on a foundation everyone should learn from

On May 16-17, Microsoft participated in a workshop organized by the National Institute of Standards and Technology (NIST) on its recently released Framework for Improving Critical Infrastructure Cybersecurity (“Cybersecurity Framework”) Draft Version 1.1. It was a useful discussion, not least because it showed NIST’s continuing commitment to engage in genuine multi-stakeholder dialogue in the development...

Read more

More than just an ocean separates American and European approaches to cybersecurity

The recent revision of the National Standards and Technology Institute’s (NIST) Cybersecurity Framework and the publication of European Network and Security Agency’s (ENISA) proposals on implementation of the Network and Information Security (NIS) Directive have made me pause and ponder the progress made (or indeed not) in securing our critical infrastructures since they were both...

Read more

How the Asia-Pacific region is advancing cybersecurity

Earlier this year, my team and I had the great privilege and pleasure of spending several days in Japan, participating in the Information Technology Promotion Agency (IPA) Symposium. We also met with industry colleagues to discuss global cybersecurity trends and opportunities to engage in public policy, and met with Japanese government partners to examine the...

Read more