The US Government Is Asking Big Tech to Promise Better Cybersecurity
The Biden administration is asking the world’s largest technology companies to publicly commit to tightening the digital security of their software and cloud services. The voluntary pledge, first reported by WIRED, represents the latest effort by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to build support for its Secure by Design initiative, which encourages tech vendors to prioritize cybersecurity while developing and configuring their products.
By signing the pledge, companies promise to make a “good-faith effort” to implement seven critical cybersecurity improvements, ranging from soliciting reports of vulnerabilities in their products to expanding the use of multi-factor authentication, a technology that adds an extra login step to the traditional password.
The pledge—which CISA plans to announce at the RSA cybersecurity conference in San Francisco next week—poses a major test for CISA, which last week marked the one-year anniversary of its Secure by Design campaign. The initiative is a top priority of CISA’s leadership, but it has produced mixed results, with some companies continuing to flout its urgent advice. The tech industry’s reaction to the pledge—and especially the number of software giants that sign it—will serve as a litmus test for how the private sector views CISA’s continuing push for increased corporate investment in cybersecurity.