SecurityWeek reports that Google has noted that the preventable cyberattack aimed at U.S. government emails that the Cyber Safety Review Board attributed to Microsoft's significant security failings was indicative of the "monoculture" security risks, which should be mitigated by implementing a multi-vendor strategy in addition to the advancement of open standards for interoperability.
The incident should also prompt the federal government to probe restrictive licensing practices that hinder innovation, as well as better ensure the purchase of secure-by-design technology systems and products, according to Google.
"Security assessments of technology products shouldn’t end when a product meets public sector accreditation standards. The technology management lifecycle should include the ability to trigger security recertifications for products suffering major security incidents, and take into account past performance when making buying decisions," Google said.
Such a statement comes after Microsoft began making sweeping changes to its cybersecurity strategy as a result of the report.
