GitHub joins industry commitment to curb cyber mercenaries
GitHub is proud to join 40 companies endorsing the Cybersecurity Tech Accord principles limiting offensive operations in cyberspace.
As cyberspace has increasingly become a site of conflict, there has been a rise in cyber mercenaries, or private sector actors that wage offensive operations in cyberspace on behalf of governments or private actors. Cyber mercenaries hoard and sell exploits and surveillance tools, undermining everyone’s security. The technology industry must come together to address global challenges, including by taking steps to combat the threat of cyber mercenaries.
To quote the White House National Cybersecurity Strategy: “We must rebalance the responsibility to defend cyberspace by shifting the burden for cybersecurity away from individuals, small businesses, and local governments, and onto the organizations that are most capable and best-positioned to reduce risks for all of us.”
GitHub is proud to join 40 companies endorsing the Cybersecurity Tech Accord principles limiting offensive operations in cyberspace. Building on the Cybersecurity Tech Accord’s founding commitments, these principles charge companies to:
- Take steps to counter cyber mercenaries’ use of products and services to harm people
- Identify ways to actively counter the cyber mercenary market.
- Invest in cybersecurity awareness of customers, users and the general public.
- Protect customers and users by maintaining the integrity and security of products and services.
- Develop processes for handling valid legal requests for information.
At GitHub, we take action through providing the best tools and practices for secure software development, helping fund open source security projects, adhering to principles that increase trust and security in cyberspace, and protecting legitimate security researchers. We leverage law and policy to defend the software ecosystem; in 2020, GitHub joined an amicus brief in NSO v. WhatsApp opposing the expansion of foreign sovereign immunity to private cyber-surveillance companies that act on behalf of foreign governments. And we’re committed to working with like-minded organizations, governments, and civil society to make digital technologies work for democracy and human rights.
We encourage fellow companies to endorse these principles and join the collective fight against cyber mercenaries.
Written by
Related posts
Students: Start building your skills with the GitHub Foundations certification
The GitHub Foundations Certification exam fee is now waived for all students verified through GitHub Education.
Announcing GitHub Secure Open Source Fund: Help secure the open source ecosystem for everyone
Applications for the new GitHub Secure Open Source Fund are now open! Applications will be reviewed on a rolling basis until they close on January 7 at 11:59 pm PT. Programming and funding will begin in early 2025.
Software is a team sport: Building the future of software development together
Microsoft and GitHub are committed to empowering developers around the world to innovate, collaborate, and create solutions that’ll shape the next generation of technology.