On September 10, Microsoft hosted a Cyber Summit that could have far-reaching implications for the future of cybersecurity. While this summit could have been a game changer, it unfortunately took place behind closed doors, leaving many of us on the outside looking in. We’ve seen this pattern before: a breach happens, Microsoft apologizes, promises to do better, and then. ..not much changes. If the tech giant really wants to make meaningful progress, it will have to change not only its security practices, but also the way it interacts with the broader community.
Founder of The Georgetown Group and NeXasure AI.
The Transparency Dilemma: Come on, Microsoft, let us in!
First of all: transparency. Microsoft’s refusal to invite both the press and the public to this Cyber Summit is raising eyebrows, if not alarms. Of course, we understand the need for frank discussions behind closed doors, but this summit was not just a boardroom briefing; it’s a conversation that impacts millions of users. After all, infringements make no distinction between companies, governments or ordinary consumers.
Microsoft has a huge opportunity here, but it seems more interested in controlling the narrative than engaging in open dialogue. If the Summit is all about polishing the image instead of tackling real problems, then that is a problem. Security isn’t something you sweep under the rug, especially when your mistakes affected millions of Windows devices like the CrowdStrike update debacle earlier this year.
Bring in the experts: why diverse collaboration matters
Diversity of thought is crucial in cybersecurity. And no, I’m not talking about diversity in the corporate HR sense (although that’s important too). I’m talking about bringing together diverse security perspectives – white-hat hackers, penetration testers, and researchers – who can test the power of Microsoft’s systems in ways that internal teams simply cannot. The more attention focused on the problem, the greater the chance that vulnerabilities will be found before the bad guys do.
Microsoft should actively collaborate with these experts, not just keep them at arm’s length. Let’s be real: the stakes are too high to let pride get in the way of progress. Closed-door summits limit the scope of cooperation, which is not what the cybersecurity community needs. Microsoft owes it to their user base and to the entire tech world to listen to those outside voices.
The core conundrum: explaining the technology in simple terms
This is where it gets a bit technical. But stick with me, I promise it’s worth it.
The kernel is like the beating heart of your computer’s operating system. It controls everything from how apps interact with your hardware to how secure your system is. If the kernel is compromised, essentially your entire system is vulnerable. And here’s the kicker: Microsoft currently allows third-party access to the kernel for certain applications (think giving the plumber the keys to your house). While this access may be necessary for security software, it also opens the door to a whole host of potential security risks.
Just look at the CrowdStrike fiasco. A small bug in a CrowdStrike update caused major outages on 8.5 million devices. Why? Because that update had kernel-level access, allowing it to affect fundamental parts of the Windows operating system.
The solution: restrict kernel access… but not completely
An obvious solution is for Microsoft to completely restrict access to the kernel. But that’s not as simple as flipping a switch. Security software needs access to the kernel to properly monitor the system, and if Microsoft shuts it down completely, third-party security vendors could lose the visibility they need to effectively protect users.
So what is the middle ground? Other operating systems have found solutions that can serve as models. For example, Apple’s System Integrity Protection (SIP) limits what can be done with the kernel by restricting root users’ access. This ensures that even if a hacker gains access to the system, he cannot make changes at the deepest level. Similarly, Linux has something called eBPF (Extended Berkeley Packet Filter), which allows secure, controlled execution of programs within the kernel. Microsoft should explore implementing these types of technologies, or at least something similar.
This does not mean that third parties are completely excluded. Instead, Microsoft could work more closely with security vendors to give them secure, controlled access to the kernel, allowing them to continue protecting users without compromising the integrity of the system.
Possible solutions: Microsoft, here’s what you can do
1. Implement more granular kernel controls: Microsoft could provide more limited kernel access for trusted applications, much like Apple’s SIP. This allows security vendors to do their work while protecting the system from rogue apps.
2. Adopt a more open collaboration framework: It’s time for Microsoft to invite more diverse voices into the conversation. From pen testers to white-hat hackers, more attention to the problem means a greater chance of finding and fixing vulnerabilities before they are exploited.
3. Transparency at every level: No more summits behind closed doors. Microsoft should foster an open, ongoing dialogue with security experts and customers, keeping them informed not only of past failures but also of future solutions.
4. Adopt and implement competitor best practices: Look at what Linux and Apple have done to improve kernel security. These platforms provide valuable lessons that can be easily adapted to improve the security of Windows systems.
Microsoft must lead with openness
As the company with the largest market share in computer security, Microsoft has a responsibility to be more transparent and open about its plans. Cybersecurity is a community effort. It’s like a neighborhood watch: everyone has to be involved in the plan and everyone has to share information to keep the neighborhood safe. But if Microsoft continues to meet behind closed doors, they are depriving valuable input from the people who know how to improve the security of their products.
The end result? Microsoft, it’s time to stop apologizing and playing the blame game and instead start working with the broader security community. The more you open up, the stronger we will all be. And who knows? Maybe we can finally stop fixing up Windows like it’s an old boat that develops new leaks every few weeks.
We have presented the best customer experience (CX) tool.
This article was produced as part of Ny BreakingPro’s Expert Insights channel, where we profile the best and brightest minds in today’s technology industry. The views expressed here are those of the author and are not necessarily those of Ny BreakingPro or Future plc. If you are interested in contributing, you can read more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro