Want CNET to notify you of price drops and the latest stories?

Microsoft takes security class on the road

The software giant kicks off its Security Summits, sending executives to 20 cities as part of its mission to train 500,000 information technology professionals worldwide by the end of the year.

Robert Lemos Staff Writer, CNET News.com
Robert Lemos
covers viruses, worms and other security threats.
Robert Lemos
2 min read
Microsoft's on a mission to get technology pros to think harder about security.

The software giant is sending executives to 20 cities across the United States to train developers and information system managers in how to better protect their systems. The free events, dubbed Security Summits, are the first step in Microsoft's plan to train 500,000 information technology workers worldwide by the end of this year, according to Mike Nash, vice president for Microsoft's Security Business unit.

Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.

"We want to make sure that customers have a security strategy," Nash said. "There were people that got hit with Slammer, and they go away and implement a security plan and then Blaster comes along and they said, 'Wow, that's a nonissue.' The hope (in holding these events) is to skip step one."

The Security Summits kicked off in New York City on Tuesday with free day-long classes for network administrators and information-system managers. The seminar was repeated on Wednesday. The events attracted about 1,000 people each.

The events are Microsoft's latest effort in its two-year-old Trustworthy Computing initiative. The software giant has taken major steps to elevate security concerns, such as delaying its next version of Windows in order to divert developers to a security update, known as Service Pack 2, for Windows XP.

Chairman Bill Gates underscored Microsoft's commitment to better security in a public letter sent to customers last month. "Security is as big and important a challenge as any our industry has ever tackled," Gates wrote. "It is not a case of simply fixing a few vulnerabilities and moving on."

However, Microsoft's focus on security has resulted in longer development times for patches for vulnerabilities in its products. The company has begun to de-emphasize patching as a security solution and has started urging companies to think more broadly about security instead, promoting the use of training and better network protection.

At the Security Summit events, Microsoft customers can attend one of two tracks: one basic, the other for more advanced system administrators. The events include general sessions meant for information technology professionals and scheduled one-on-one meetings between executives from Microsoft and customer companies, Nash said.

Microsoft plans to hold other events worldwide to train more IT professionals, to hit its half-million-person mark, according to Nash.

Nash stressed that the Security Summit tour is only one step in Microsoft's security efforts and is not designed to provide a final solution to the online security woes that affect many companies.

"500,000 people trained on security, that is a pretty good footing," he said. "But I don't think anyone believes...that the issue is going to be solved by the end of 2004."