×
  • Tech - News - Tech Companies
  • Updated: February 27, 2023

US Cyber Officer Praises Apple's Security, Urges Twitter, Microsoft To Improve

US Cyber Officer Praises Apple's Security, Urges Twitter, Mi

The director of the cybersecurity and infrastructure security agency, Jen Easterly, cited Apple as a good illustration of responsibility and transparency for its security policies at a speech given on Monday at Carnegie Mellon University.

The senior U.S. cybersecurity official urged companies to shoulder greater responsibility for protecting their services for clients and suggested that new legislation hold them responsible for developing and maintaining safe software.

She cited Apple's admission that 95% of iCloud customers have multifactor authentication enabled, or MFA, which is a highly advised security solution that requires a user to enter a code delivered to a different device or account during sign-in to ward against hackers.

Apple making MFA the default is the reason for the high adoption rate, according to Easterly.

As a result, Easterly said, “Apple is taking ownership for the security outcomes of their users.”

The use of MFA is low at Twitter and Microsoft, in contrast, according to Easterly.

It is "disappointing," according to her, that less than 3% of Twitter users and about one-fourth of Microsoft commercial customers use MFA.

She did commend the businesses, though, for being open about their financial information.

“By providing radical transparency around MFA adoption, these organizations are helping shine a light on the necessity of security by default,” Easterly said, per her prepared remarks. 

“More should follow their lead— in fact, every organization should demand transparency regarding the practices and controls adopted by technology providers and then demand adoption of such practices as basic criteria for acceptability before procurement or use.”

Easterly suggested that new legislation should “prevent technology manufacturers from disclaiming liability by contract, establishing higher standards of care for software in specific critical infrastructure entities, and driving the development of a safe harbor framework to shield from liability companies that securely develop and maintain their software products and services.”

Microsoft and Twitter did not immediately provide comment.

Related Topics

Join our Telegram platform to get news update Join Now

0 Comment(s)

See this post in...

Notice

We have selected third parties to use cookies for technical purposes as specified in the Cookie Policy. Use the “Accept All” button to consent or “Customize” button to set your cookie tracking settings