Why the Security Industry Should Look to Bill Gates for Inspiration

By TechZone360 Special Guest
Mark Curphey, Founder & CEO, SourceClear
August 11, 2014

For some 30 years, until Steve Ballmer changed it, Microsoft’s corporate mission statement was remarkably concise: “To put a computer on every desk and in every home.”

Bold and direct? Yes. Simple? Not really.

Think about it. When Bill Gates wrote it—and he did, personally—Microsoft did not make computers and never had. Not a single one. So was Gates just perverse in his choice of mission statement?

I’d prefer to call the choice visionary—visionary not in some poetic sense, but in the way that an X-ray, CAT scan or MRI is visionary. It looks through surfaces, to a deeper reality and to more fundamental processes.

If Gates had written, “To put our software in every computer, on every desk and in every home,” he would have been perfectly accurate in his aim for his company. Yet he would have missed the target.

But Gates understood that it was the software that put those computers on those desks and in those homes—any manufacturer’s computer on anybody’s desk in anybody’s home. This penetrating vision is what put the software in the saddle.

Applying a Vision with the Power to Penetrate Markets

When Gates left Microsoft to run the Gates Foundation he and his wife, Melinda, founded in 2000, he applied to his philanthropy the same penetrating vision behind the original Microsoft mission statement.

Take one of the biggest parts of the foundation, the Global Health Division. It funds research aimed at creating some new drugs. For example, it funds the Aeras Global TB Vaccine Foundation to develop and license an improved TB vaccine. However, the division also directly funds a cheaper high-tech TB test. A miracle drug, after all, is no miracle unless you have a means of identifying who needs it.

Indeed, most Global Health Division initiatives fund the purchase and delivery of vaccines and drugs rather than their creation. Innovating great pharmaceuticals is wonderful—but totally without value to those who cannot obtain or afford them.

I’m fascinated by this approach to philanthropy. The obvious thing is to donate money for laboratory research and development. And the Gates Foundation certainly does this. But its trademark initiatives have even more to do with understanding the social dynamics of medicine, which includes improving ways to deliver drugs to those who need them most. Or it may incentivize the “Next-Generation Condom,” defined as one that “significantly preserves or enhances pleasure, in order to improve uptake and regular use.” Why? Because what good are condoms people don’t use?

The Real Mission of Software Development

Gates’s vision penetrated to the real mission of software development—to make applications so useful that people just had to buy computers, which, of course, are useless without software. He subsequently carried this vision into philanthropy, funding initiatives to ensure that the products of advanced research would amount to more than mere monuments to human ingenuity. They would actually save and improve lives worldwide.

I’d like to borrow back some of that Gates vision. Borrow it and bring it back to the industry in which he made such impact. Too often these days, the security industry misses the target. The industry’s efforts and initiatives are typically less about creating secure software than about creating new security software.

It’s as if the leaders of the leading firms are all guided by the voice that prompted Kevin Costner’s Ray Kinsella to carve out a “field of dreams” in an Iowa cornfield: “If you build it, he will come.” It was a good premise for a movie, but it is a bad business model and an even worse approach to answering our urgent need for secure and reliable software.

Cybersecurity: How to Fix a Fundamentally Broken Model 

It’s time for the security industry to do more than just build software security testing tools that find issues after code is created or web application firewalls and runtime protection that tries to bolster the security models of core application stacks and bubble wrap broken code pushed into production.

We are living in an era of unprecedented change, where development culture and technology are not slowly evolving but erupting at a pace faster than anyone can predict.

It’s time to acknowledge that the distribution model for security knowledge is fundamentally broken. We need to adapt - and it’s time to put security in every developer’s brain in every team’s process, and in everybody’s code base.

The security industry should aim to aspire to Bill Gates’ visionary model as a means to stay on top of the rapidly changing cybersecurity landscape. By building from the ground up with this holistic approach, we will not only empower the developer community, but could fundamentally change the world for the better.

Mark Curphey is the CEO & Founder of SourceClear, a modern security platform for developers. Curphey earned his Masters degree in information security from Royal Holloway, University of London, and is a transplant from the United Kingdom. Previously, he founded OWASP, a worldwide not-for-profit charitable organization focused on improving the security of software. Follow Mark on Twitter at @sourceclear

Edited by Maurice Nagle
Related Articles

Bloomberg BETA: Models Are Key to Machine Intelligence

By: Paula Bernier    4/19/2018

James Cham, partner at seed fund Bloomberg BETA, was at Cisco Collaboration Summit today talking about the importance of models to the future of machi…

Read More

Get Smart About Influencer Attribution in a Blockchain World

By: Maurice Nagle    4/16/2018

The retail value chain is in for a blockchain-enabled overhaul, with smarter relationships, delivering enhanced transparency across an environment of …

Read More

Facebook Flip-Flopping on GDPR

By: Maurice Nagle    4/12/2018

With GDPR on the horizon, Zuckerberg in Congress testifying and Facebook users questioning loyalty, change is coming. What that change will look like,…

Read More

The Next Phase of Flash Storage and the Mid-Sized Business

By: Joanna Fanuko    4/11/2018

Organizations amass profuse amounts of data these days, ranging from website traffic metrics to online customer surveys. Collectively, AI, IoT and eve…

Read More

Satellite Imaging - Petabytes of Developer, Business Opportunities

By: Doug Mohney    4/11/2018

Hollywood has programmed society into believing satellite imaging as a magic, all-seeing tool, but the real trick is in analysis. Numerous firms are f…

Read More