Collaboration Key to Security, Microsoft Says

Microsoft ratcheted up its PR and client communications efforts to demonstrate that it's serious about security. On Monday, in time for this week's Black Hat conference in Las Vegas, Microsoft's Security Response Center (MSRC) launched a new ecosystem strategy team blog outlining its more collaborative approach to software security issues.

"The industry is reaching a point where delivering an acceptable level of security today is beyond what one company can do alone, wrote Microsoft's Andrew Cushman in the blog's inaugural post. "There's real merit in the cliché, 'It takes a village'."

Cushman emphasized that it's high time for the industry to act together, and that includes not just Microsoft's strategic partners and channel partners, but independent security vendors, think tanks and government entities. Such collaboration would "improve the broader security ecosystem," Cushman said.

"Think of it as community-based defense, where we commit our skills and strengths to defend beyond our boundaries to protect our common customers," he wrote.

Collaboration on security is a good idea, as hackers affect everybody.

"You can't put a grade on products and services from a security standpoint," said Richard Kemmerer, a professor of computer science at University of California at Santa Barbara and board member of Microsoft's Trustworthy Computing Academic Advisory. "The best thing you can do is get the information out."

Michael Cherry, an analyst with independent consultancy Directions on Microsoft, agrees. "There's definitely no end point to security so I think that whatever is done to foster collaboration is a step in the right direction," he said.

Microsoft also announced an additional step augmenting its monthly security cycle. The company plans to release transcripts of its Webcast Q&A sessions on security within two days of its monthly Patch Tuesday release. The Webcasts are kind of a post-game breakdown of each security bulletin, explaining Microsoft's rating and the systems affected.

About the Author

Jabulani Leffall is a business consultant and an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others. He consulted for Deloitte & Touche LLP and was a business and world affairs commentator on ABC and CNN.

Featured

  • Digital Network of User Profiles and Data Connections

    Microsoft, RSA Make Identity Security Push in the Age of AI

    Two of the bigger authentication announcements to come out of the recent RSA Conference both point in the same direction: Organizations need a more flexible, unified approach to identity security, especially as AI agents start acting alongside human workers.

  • Blue digital wireframe classical building structure

    Before AI, Fix Your Data

    Institutions don't have to solve every data problem before they can begin using AI responsibly. But they do need to treat information as a strategic asset — not a byproduct of operations — and start building toward AI-ready data now.

  • businesspeople in silhouette with colorful network lines

    Report: AI Will Reshape Work More than Replace It, but Global Impact Is Uneven

    Richer countries face greater exposure to AI-driven changes than developing countries, which are less exposed to AI but risk being left behind, according to a joint report from the International Labour Organization and World Bank.

  • illustration of people collaborating around large interlocking gears and data charts

    Why ERP and AI Initiatives Stall at the Execution Layer: A CIO Perspective

    Higher education institutions are investing heavily in ERP modernization, analytics, and AI-driven capabilities. Yet even with these investments, many are running into the same issue: turning insight into coordinated, timely action.