Microsoft
MSFT -0.27%
President
Brad Smith
said governments and companies are at last starting to cooperate to address the mounting cybersecurity issues facing the world.
“It’s critical that the U.S. and other governments lead the way, and it’s vital that we in the tech sector play the roles that we need to play to support this,” Mr. Smith said at The Wall Street Journal’s Tech Live conference Wednesday.
There are three main types of cyberattacks, Mr. Smith said—ransomware, nation-state sponsored attacks and disinformation campaigns. Often these three types blend, he said.
Microsoft in August participated alongside other firms in a meeting with President Biden at the White House focusing on cybersecurity, where the company committed to investing $20 billion over the next five years to build up more advanced security tools. It also said that it would invest $150 million to help agencies in the U.S. government upgrade their security protections.
The insurance industry also took part in the White House meetings, which is important for motivating businesses to start adopting better procedures around their security operations, Mr. Smith said.
A long-term Microsoft employee and lawyer by training, Mr. Smith took over duties in resolving antitrust cases against the company across the globe when he was picked as general counsel in 2002. His role inside the company has grown in recent years. He was elevated to the role of president in 2015 soon after
Satya Nadella
took over as chief executive of the company. Last month, he was named vice chair of Microsoft.
In recent years, Mr. Smith has positioned himself as a sort of elder statesman of tech. He frequently makes appearances at congressional hearings related to a range of issues such as cybersecurity and antitrust in tech. His 2019 book “Tools and Weapons,” coathored with Microsoft employee Carol Ann Browne, about cybersecurity and digital privacy further built him up as an important thought leader in technology.
At the Journal’s conference, he said that Microsoft has endorsed cybersecurity legislation that would impose an obligation for companies, including Microsoft, to report cyberattacks.
“The tech sector needs to move beyond just generalized endorsements of the new regulation, and be prepared to lean in on specifics and actually identify things it’s prepared to help advance,” Mr. Smith said.
Cybersecurity is an emerging big business for Microsoft. In January, the company said it surpassed $10 billion in revenue in its security business, up more than 40% annually. In August, Microsoft hired longtime Amazon.com Inc. cloud executive Charlie Bell to run a new security division.
In conversations with customers, Mr. Smith said he has heard that companies can’t hire the right cybersecurity professionals to implement strong security. There are 462,000 job openings in the U.S. that require cybersecurity skills, he said.
Microsoft will be announcing plans next week to help address the worker shortage issue, he said, but declined to elaborate further.
“We have a massive challenge we need to address,” said Mr. Smith. “We’re going to need to mobilize the resources of the country quickly to address this.”
Write to Aaron Tilley at aaron.tilley@wsj.com
Copyright ©2021 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8
Appeared in the October 21, 2021, print edition as ‘Microsoft Boss Stresses Security.’