Tech Associations Ask Government to Rethink Reliance on Microsoft
The federal government should rely less on Microsoft for information technology services given the company’s 2023 cyber breach, tech associations wrote to the Biden administration and Congress on Wednesday. Microsoft President Brad Smith is scheduled to testify before the House…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
Homeland Security Committee on Thursday in a hearing about the company’s July cyber breach (see 2404080054). The incident, which has been attributed to Chinese hackers, exposed 22 organizations and 500 consumers who do business with Microsoft. The Department of Homeland Security’s Cyber Safety Review Board in April described the attack as “preventable” and blamed Microsoft for a “cascade of errors” and a lack of investment in security standards. NetChoice, the Computer Communications Industry Association, the Software & Information Industry Association, Internet Infrastructure Coalition and the Coalition for Fair Software Licensing wrote the joint letter. “This over-reliance on single vendors is a growing concern, as many public sector organizations worldwide are using the same provider for everything from operating systems to security tools,” they wrote. The organizations recommend the government review past security performance more thoroughly in the procurement process and assess concentration risks associated with overreliance on one vendor.