Microsoft's Ballmer: Security is top priority

All technology companies are now "permanently in the security business," Microsoft Corp.'s chief executive office said today. It's the one area of technology innovation where companies need to cooperate instead of compete, he said.

Steve Ballmer spoke at a lunch in Washington sponsored by the Center for Strategic and International Studies and the Business Software Alliance.

"In the weeks, months and years ahead, there will be times when the security challenges we collectively face seem actually to be getting worse, not better," Ballmer said. "As security threats change, our response must also adapt and change."

Ballmer said Microsoft is devoting a substantial portion of the company's $7 billion research and development budget to creating products and technologies that help secure networks and computers. The company's efforts fall into four main areas, he said:

*Developing isolation techniques and technologies that keep malicious code from reaching computer systems. Among the new technologies will be "behavior blocking," which can intercept suspicious code and prevent it from running on a computer.

*Improving ways that users and IT managers can keep systems up to date, including extending Microsoft's update management features to its other software products.

*Improving quality of the software it produces by using intelligent development tools that can analyze code to identify potential security risks.

*Creating authentication and access control systems that keep unauthorized or unprotected systems from accessing networks. Microsoft is working on quarantine solution that will inspect a PC before it's allowed to connect to a network. Other infrastructure management solutions already include such functionality.

Ballmer emphasized that software vulnerabilities are not solely a Microsoft issue, even though the company's Windows products have been under near-constant attack from hackers and worm authors who seek to exploit holes in the software's code.

"Our products are often the prime targets for cybercriminals, yet this is not really about any single technology or computing platform," Ballmer said.

The mention of "our new partners at Sun Microsystems" as one of many technology companies involved in making secure systems elicited laughs from the audience. The long-time enemies recently signed an agreement [http://www.washingtontechnology.com/news/1_1/daily_news/23212-1.html] to collaborate on technology solutions.

Ballmer said Microsoft would look to the government for help with research and development and to promote cybersecurity awareness.

"In today's security environment, code needs to be written with the assumption that it's going to come under attack," Ballmer said. "I don't care if it's our products or competitive products; we all need to work to eliminate the vulnerabilities in popular software products."