Applying transparency for cybersecurity in Asia
Microsoft Transparency Centres (TC) began in 2008 to address laws a ‘certain’ government had passed that required tech vendors’ software solutions to have ‘non-disclose’ properties, aka backdoor vulnerabilities.
Cristin Goodwin, Microsoft’s Assistant General Counsel for Cybersecurity, explained that Microsoft had to devise a methodology to demonstrate that the solutions running in governments’ IT environments are what it is shipping.
Goodwin described, “In the early days, our source code was only online (for governments to inspect and assess). But, government needs are always evolving and the TC expanded its capabilities.”
Singapore Minister of Law and Minister of Home Affairs K. Shanmugam officiated the launch of Microsoft’s Transparency and Cybersecurity centres.
The Minister had said he understood the need for and meaning of a cybersecurity centre, but had initially wanted clarification of a Transparency centre.
Namely, these capabilities now extend beyond source code access for governments to include access to information on cybersecurity threats and vulnerabilities, as well as to Microsoft’s security experts. Since the first TC in Redmond was established in 2014, three more TCs have been launched in Belgium, China and Singapore.
In Singapore, the TC is co-located with Microsoft’s new cybersecurity centre and aims to be an environment that brings private and public organisations together in one place. The TC also enables Microsoft’s Government Security Programme (GSP); the GSP’s participants have access to the TC’s offerings.
Today, nearly 70 government agencies across 40 countries are participants in this programme. In Asia Pacific alone, there are ten countries.
According to Goodwin, governments may use the TC as a mechanism to help them design their respective risk management strategies or build out their own cybersecurity programs.
“There is high utilisation of the TC in the United States, and Brussels is seeing increased usage,” she said.
Among the top three ways the TC is being used, she shared, is to deepen governments’ knowledge about how a particular product feature works. “Governments are also using it to look for vulnerabilities and backdoors in Microsoft code.”
Microsoft is looking to extend its transparency centres’ offerings to businesses as well.
“Governments tend to be the most forward-leaning in terms of accessing source code. Business enterprises are the next segment to naturally evolve to, and we are looking at this very closely.”
Microsoft boasts a security intelligence graph formed from all the data from its expansive network of trillions of sensors. That is big data from its client, server, mail and Internet products, on a global basis.
In the span of a month, that’s a billion devices scanned for threats, 300 billion emails and 300 billion users authenticated for all its online services.
Regional Director of Microsoft’s Digital Crime Unit (DCU) in Asia, Keshav Dhakad, said, “We are embedding more and more security into our products.”
This in turn allows Microsoft to build next-generation solutions and enable predictive security analytics, he said.
Microsoft’s security ecosystem comprises partnerships spanning governments and security vendors that practise a level of information sharing.
“(Security vendors) serve the same customers as we do. They are on our platform, and this allows us to have a (more cooperative ecosystem).”
In fact, such cooperation has allowed the DCU, over the past nine years, to take down 14 of the 16 known global botnet networks.
Keshav said, “By working with our intelligence teams, i.e. the Microsoft Malware Protection Centre (MMPC), we have access to intelligence of threats they are monitoring. The ecosystem has access to this information too.”
After assessing which network to zoom into, the DCU investigates further to find out more data such as location, activities, attribution of servers and so on. Keshav added, “We partner with other security vendors and sometimes even information sharing and analysis centers or ISACs for financial services to build a case and then launch a lawsuit.
“Now, we are starting to disrupt their networks and infrastructure,” Keshav said, adding his observation that cybercriminals are running smaller operations, probably as a result of the DCU’s efforts.
(This journalist is a guest of Microsoft at the centres’ launch event in Singapore.)