Google took aim at Microsoft on Thursday claiming there’s a growing “monoculture” of the rival company’s software used in government that makes federal agencies more vulnerable to cyberattacks.
In a blog post, Google published the results of a survey that presents that “84% of D.C. metro government employees primarily use Microsoft products at work” and that more than half of respondents, by a slight margin, feel the Microsoft stronghold makes the federal government more vulnerable to cyber threats.
Conducted by Public Opinion Strategies, the poll was completed by “600 workers from the D.C. metro area and 338 workers employed by federal, state, or local governments across the country,” per Google.
The Google blog post was written by someone who knows federal IT and cybersecurity quite well: Jeanette Manfra, the former assistant director for cybersecurity for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). Manfra now is a senior director of global risk and compliance at Google.
Manfra posits that “one likely reason for such broad concern about cyberattacks is that many respondents reported experiencing a cyberattack at work. And while more than one-in-ten workers nationally have experienced disruptions from a cyberattack, the number increased to nearly one-in-three for D.C.-based government employees—nearly three times higher than the national average.”
“The SolarWinds breach in 2020, for example, may have cost governments and businesses more than $100 billion and the loss of vital national security information. Yet many government agencies continue to rely on the same legacy productivity software,” Manfra wrote, claiming that the results of the survey back that assertion.
Frank X. Shaw, Microsoft’s head of communications, called Google’s report “disappointing but not surprising.”
“It is also unhelpful to create divisions in the security community at a time when we should all be working together on heightened alert,” Shaw said. “We will continue to collaborate across the industry to jointly defend our customers and government agencies, and we will continue to support the U.S. government with our best software and security services.”
It’s no secret that Microsoft has a pervasive presence across the federal government — a market share that Google would certainly like to shift in its direction. And with the results of the survey, Google also tries to make a case that government employees want more choice — in some cases using unapproved products instead, which the tech industry refers to as “shadow IT.”
This survey isn’t the first to target Microsoft’s use in government. Last September, Google and the Computer & Communications Industry Association commissioned a separate poll that found a similar trend of Microsoft’s inflated usage across government, claiming it was “more than seven times the share of the next largest competitor.”