Facebook, Microsoft, and 32 other tech firms sign cybersecurity pledge

Facebook, Microsoft, and 32 other technology companies have pledged to protect their customers from cyberattacks and committed to not help governments advance their cyber warfare efforts.

The Cybersecurity Tech Accord is touted as a “watershed agreement” by the signatories and comes after a wave of high-profile cyberattacks over the past year.

The list of companies includes: ABB, Arm, Avast, Bitdefender, BT, CA Technologies, Cisco, Cloudflare, DataStax, Dell, DocuSign, Facebook, Fastly, FireEye, F-Secure, GitHub, Guardtime, HP Inc., HPE, Intuit, Juniper Networks, LinkedIn, Microsoft, Nielsen, Nokia, Oracle, RSA, SAP, Stripe, Symantec, Telefonica, Tenable, Trend Micro, and VMware.

Notably absent from the initial roster of signups are Apple, Amazon, Twitter, and Google, though the Tech Accord “remains open to consideration of new private sector signatories, large or small and regardless of sector,” according to the press release.

The accord, which you can read in full here, centers around four underlying principles covering “strong defense,” “no offense,” “capacity building,” and “collective action.” These tenets commit the companies to providing stronger defenses against cyberattacks while also helping to “empower” developers, customers, and businesses to protect themselves. The most interesting vow within the pledge, however, is the “no offense” clause, which states:

The companies will not help governments launch cyberattacks and will protect against tampering or exploitation of their products and services through every stage of technology development, design and distribution.

Microsoft’s participation in the pact is particularly notable, as it comes less than a year after the WannaCry ransomware virus — which was based on Windows vulnerabilities — wreaked havoc around the world. Then there was the NotPetya attack, which also targeted Windows PCs.

A number of countries have been implicated in those attacks and others, including North Korea, Iran, and increasingly Russia. Indeed, earlier this week the U.S and U.K. issued a joint warning about the growing threat posed by Russia to governments, companies, and private individuals. This type of danger is why technology companies are now coming together to take action collectively.

“The devastating attacks from the past year demonstrate that cybersecurity is not just about what any single company can do but also about what we can all do together,” said Microsoft president Brad Smith. “This tech sector accord will help us take a principled path toward more effective steps to work together and defend customers around the world.”

The 34 companies will hold their inaugural meeting during the RSA Conference in San Francisco this week, with a focus on “capacity building and collective action.”