Special Features

Cybersecurity Month

Governments resent their dependence on Big Tech

Singapore summit hears how private sector's constant security sins create risk for sovereigns


Senior politicians gathered at Singapore International Cyber Week (SICW) this week to discuss the current state of cybersecurity have articulated their discomfort with finding themselves dependent on Big Tech.

"Large tech companies wield an unprecedented level of influence over economies and societies. At the same time, they enjoy a remarkable degree of freedom from regulation and accountability for their activities and the content they carry," opined Singaporean minister Teo Chee Hean at Monday night's opening address.

Teo pointed out that private industry owns and controls significant parts of the technology stack that the majority of the world depends on, and the vast amount of data such systems contain. The revenue Big Tech squeezes from this data exceeds the GDP of many countries.

That strength means governments rely on the private sector for cybersecurity and other necessities in the digital domain. Meanwhile, these companies ultimately "make their own decisions," such as which nations they boycott or the content they carry.

Teo said it's somettmes hard to know how government and Big Tech can work together given that national security, defense, and social governance have long been the exclusive domain of governments. An added complication is that Big Tech companies are often foreign entities.

"Their interests may not always align with public or national interests," he said.

A big part of the problem, according to Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency (CISA), is that the tech industry prioritizes getting to market quickly over security – a situation she labelled a "crazy malalignment" that results in an unacceptable "shaky technology platform" the world ends up relying on.

"We have perversely normalized a world where the technology that underpins the critical services that we rely on for water, for healthcare, power, transportation, communication – the devices we rely on every minute every day – are all built on insecure foundations," said Easterly. "We don't need more security products. We need more secure products."

Easterly was particularly keen to have tech companies prioritize security before generative AI becomes the "most powerful technology and most powerful weapon of our time."

The CISA director called on CEOs, boards, and other business leaders to treat cyber risk like they do equity, franchise, or liquidity risk.

"The days of delegating cyber risk to infotech people – your chief info officer, then fire them when you have a breach – must be over," she declared.

Easterly then scoffed at Microsoft's Patch Tuesday, comparing it to a consumer getting a car recalled once a month, and holding it up as proof that vulnerabilities and flaws have been normalized.

Regardless of what disasters flow from poor security, it's far too late to be having any conversations regarding reining in reliance on tech vendors. And for countries in distress or at war, like Ukraine, the unquestionably vital necessity of Big Tech is even more stark.

Anton Demokhin of the Ministry of Foreign Affairs of Ukraine credited Big Tech with giving his nation the ability to focus on its war with Russia. Demokhin credited a number of companies with providing resources – from cybersecurity support to the use of cloud to back up resources that would otherwise be at risk of being destroyed during Russia's invasion.

"That's given us the momentum to deal with challenges and war and cyberattacks," said Demokhin.

But the question, at least for Australia's National Cyber Security Coordinator, Darren Goldie, centers around where to divide the duties of government versus Big Tech, ultimately deciding how much power to continue to give to industry.

Goldie asserted it was best to utilize expertise, which is rarely located within government.

Goldie said Australia is pursuing threat sharing and blocking capabilities.

"Threat blocking tries to raise the bar with one private entity asking another one to block," stated Goldie. "If you have a threat that everyone agrees should be taken down, you could ask a telco to take it down."

He then posed the question: if threats and ongoing blockades persist, when does a nation reach a point where it becomes uneasy about outsourcing this responsibility?

There appears to be no end in sight to what could be privately offloaded within the domain of digital infrastructure.

"Critical infrastructure has been outsourced to private industries," surmised Danish tech ambassador Anne Marie Engtoft Meldgaard on Tuesday.

Denmark became the first country to appoint an ambassador to tech, with the same responsibilities as a conventional ambassador to a sovereign nation, in 2017. Meldgaard replaced the first person to have that role, Casper Klynge, in 2020.

"There's quite a lot of us tech ambassadors who have been appointed to represent our countries in a much more mature, concerted effort and dialog with tech," said Meldgaard. "And on the other side, Big Tech has been hiring diplomats too; recognizing the need for engaging interchangeably with governments."

When Klynge left Silicon Valley under Denmark's Ministry of Foreign Affairs, he promptly joined Microsoft.

"The time for tech platform as neutral actors is over," Meldgaard declared. ®

Send us news
22 Comments

AI firms and civil society groups plead for passage of federal AI law ASAP

Congress urged to act before year's end to support US competitiveness

UK’s new Minister for Science and Technology comes to US touting Britain's AI benefits

$82B in investment shows we've still got it as a nation

AI chip startup Tenstorrent to train Japan's engineers in $50M government deal

Government wants to make semiconductors big on home turf again

Gary Marcus proposes generative AI boycott to push for regulation, tame Silicon Valley

'I am deeply concerned about how creative work is essentially being stolen at scale'

Voice-enabled AI agents can automate everything, even your phone scams

All for the low, low price of a mere dollar

Killer app for AI is still years away, says industry analyst

IT spend set to rise nonetheless and it's not all about wundertech

Meta gives nod to weaponizing Llama – but only for the good guys

Change of mind follows discovery China was playing with it uninvited?

Flanked by Palantir and AWS, Anthropic's Claude marches into US defense intelligence

An emotionally manipulable AI in the hands of the Pentagon and CIA? Cool

Singapore to increase road capacity by tracking all vehicles with GPS

Plus: China Unicom auctions off old cables; Japan's My Number Card also soon a driver's license; and Hong Kong chief executive warns US investment ban will backfire

Watchdog finds AI tools can be used unlawfully to filter candidates by race, gender

UK data regulator says some devs and providers are operating without a 'lawful basis'

Single-platform approach may fall short for AI data management

Data platform vendors can't meet all your needs, warns Gartner

UK gov report to propose special zones for datacenters, 'AI visas'

Vendors not keen on 'lengthy bureaucracy,' and cost when they try to hire skilled foreigners