Why the Security Industry Should Look to Bill Gates for Inspiration

By TechZone360 Special Guest
Mark Curphey, Founder & CEO, SourceClear
August 11, 2014

For some 30 years, until Steve Ballmer changed it, Microsoft’s corporate mission statement was remarkably concise: “To put a computer on every desk and in every home.”

Bold and direct? Yes. Simple? Not really.

Think about it. When Bill Gates wrote it—and he did, personally—Microsoft did not make computers and never had. Not a single one. So was Gates just perverse in his choice of mission statement?

I’d prefer to call the choice visionary—visionary not in some poetic sense, but in the way that an X-ray, CAT scan or MRI is visionary. It looks through surfaces, to a deeper reality and to more fundamental processes.

If Gates had written, “To put our software in every computer, on every desk and in every home,” he would have been perfectly accurate in his aim for his company. Yet he would have missed the target.

But Gates understood that it was the software that put those computers on those desks and in those homes—any manufacturer’s computer on anybody’s desk in anybody’s home. This penetrating vision is what put the software in the saddle.

Applying a Vision with the Power to Penetrate Markets

When Gates left Microsoft to run the Gates Foundation he and his wife, Melinda, founded in 2000, he applied to his philanthropy the same penetrating vision behind the original Microsoft mission statement.

Take one of the biggest parts of the foundation, the Global Health Division. It funds research aimed at creating some new drugs. For example, it funds the Aeras Global TB Vaccine Foundation to develop and license an improved TB vaccine. However, the division also directly funds a cheaper high-tech TB test. A miracle drug, after all, is no miracle unless you have a means of identifying who needs it.

Indeed, most Global Health Division initiatives fund the purchase and delivery of vaccines and drugs rather than their creation. Innovating great pharmaceuticals is wonderful—but totally without value to those who cannot obtain or afford them.

I’m fascinated by this approach to philanthropy. The obvious thing is to donate money for laboratory research and development. And the Gates Foundation certainly does this. But its trademark initiatives have even more to do with understanding the social dynamics of medicine, which includes improving ways to deliver drugs to those who need them most. Or it may incentivize the “Next-Generation Condom,” defined as one that “significantly preserves or enhances pleasure, in order to improve uptake and regular use.” Why? Because what good are condoms people don’t use?

The Real Mission of Software Development

Gates’s vision penetrated to the real mission of software development—to make applications so useful that people just had to buy computers, which, of course, are useless without software. He subsequently carried this vision into philanthropy, funding initiatives to ensure that the products of advanced research would amount to more than mere monuments to human ingenuity. They would actually save and improve lives worldwide.

I’d like to borrow back some of that Gates vision. Borrow it and bring it back to the industry in which he made such impact. Too often these days, the security industry misses the target. The industry’s efforts and initiatives are typically less about creating secure software than about creating new security software.

It’s as if the leaders of the leading firms are all guided by the voice that prompted Kevin Costner’s Ray Kinsella to carve out a “field of dreams” in an Iowa cornfield: “If you build it, he will come.” It was a good premise for a movie, but it is a bad business model and an even worse approach to answering our urgent need for secure and reliable software.

Cybersecurity: How to Fix a Fundamentally Broken Model 

It’s time for the security industry to do more than just build software security testing tools that find issues after code is created or web application firewalls and runtime protection that tries to bolster the security models of core application stacks and bubble wrap broken code pushed into production.

We are living in an era of unprecedented change, where development culture and technology are not slowly evolving but erupting at a pace faster than anyone can predict.

It’s time to acknowledge that the distribution model for security knowledge is fundamentally broken. We need to adapt - and it’s time to put security in every developer’s brain in every team’s process, and in everybody’s code base.

The security industry should aim to aspire to Bill Gates’ visionary model as a means to stay on top of the rapidly changing cybersecurity landscape. By building from the ground up with this holistic approach, we will not only empower the developer community, but could fundamentally change the world for the better.

Mark Curphey is the CEO & Founder of SourceClear, a modern security platform for developers. Curphey earned his Masters degree in information security from Royal Holloway, University of London, and is a transplant from the United Kingdom. Previously, he founded OWASP, a worldwide not-for-profit charitable organization focused on improving the security of software. Follow Mark on Twitter at @sourceclear

Edited by Maurice Nagle
Related Articles

Why People Don't Update Their Computers

By: Special Guest    7/13/2018

When the WannaCry ransomware attacked companies all over the world in 2017, experts soon realized it was meant to be stopped by regular updating. Even…

Read More

More Intelligence About The New Intelligence

By: Rich Tehrani    7/9/2018

TMC recently announced the launch of three new artificial intelligence events under the banner of The New Intelligence. I recently spoke with TMC's Ex…

Read More

Technology, Innovation, and Compliance: How Businesses Approach the Digital Age

By: Special Guest    6/29/2018

Organizations must align internally to achieve effective innovation. Companies should consider creating cross-functional teams or, at a minimum, incre…

Read More

Contribute Your Brain Power to The New Intelligence

By: Paula Bernier    6/28/2018

The three events that are part of The New Intelligence are all about how businesses and service providers, and their customers, can benefit from artif…

Read More

TMC Launches The New Intelligence - an Unparalleled AI and Machine Learning Conference & Expo in Florida

By: TMCnet News    6/28/2018

TMC announced the launch of The New Intelligence conference and expo - The Event Powering the AI Revolution. This exciting new event will take place o…

Read More