It’s almost 20 years since then-Microsoft boss Bill Gates wrote his famous Trustworthy Computing memo, in which he urged the company to produce more secure software.
“Eventually, our software should be so fundamentally secure that customers never even worry about it,” wrote Gates. It’s a grand ambition, and despite years of work, it is not one that any software has really achieved yet. And even as engineers try to improve their products, a new wave of security threats have appeared.
“I think it was hard for anyone at the time – even in Bill Gates’ grand vision – to see we would have sophisticated state-sponsored hackers breaking those SWIFT banking system codes, people flattening oil production by wiping hard-drives. The threat landscape is beyond any science fiction novel or what John le Carré could predict,” says Dave Weston, Microsoft’s director of enterprise and Windows security.
He admits that, as a “hardened industry professional”, he is surprised by the sophistication of attacks today.
“The breadth and sophistication [of these attacks] is what continues to make this job interesting. There is never a dull moment here,” he says.