Critical Infrastructure Security, Email security

Google warns of singular vendor in public sector after CSRB report

Logo of Microsoft company headquarters office building.

SecurityWeek reports that Google has noted that the preventable cyberattack aimed at U.S. government emails that the Cyber Safety Review Board attributed to Microsoft's significant security failings was indicative of the "monoculture" security risks, which should be mitigated by implementing a multi-vendor strategy in addition to the advancement of open standards for interoperability.

The incident should also prompt the federal government to probe restrictive licensing practices that hinder innovation, as well as better ensure the purchase of secure-by-design technology systems and products, according to Google.

"Security assessments of technology products shouldn’t end when a product meets public sector accreditation standards. The technology management lifecycle should include the ability to trigger security recertifications for products suffering major security incidents, and take into account past performance when making buying decisions," Google said.

Such a statement comes after Microsoft began making sweeping changes to its cybersecurity strategy as a result of the report.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.