At the RSA conference this week... One of the big announcements for the event is CISA's Secure By Design pledge. Many technology leaders have signed on. Everyone get your resumes updated! We'll have better security soon, because they PROMISED! Okay, jokes aside. Are we to believe that the likes of Microsoft and Cisco could have been building secure technology this whole time and that all that was needed was for a government agency to convince them that they should? This is a massive over-simplification of the problem. First, it pre-supposes that technology companies are actually capable of building secure software in the first place. Many of these companies are going to market with technologies that are so complex that they struggle just to get their products to work at all. In many cases, no single person understands the architecture of an entire product, so a holistic view of security for a piece of software may not be possible. I would argue that building verifiably secure software is simply beyond the reach of all but the most sophisticated development teams. Now, let's imagine that many of these companies actually COULD build software that's secure by design. How long before the technology environment of the world becomes awash in these software products? Five years? Ten? Twenty? Even if every software company in the world today started doing this with 100% efficacy, it would take a decade or more for the technology portfolios of the world's businesses to be fully replaced with "secure by design" products. If ever there was a "boil the ocean" proposal for security, surely "get everyone to promise to rebuild all the software in the world, so it's secure by design" is definitely it.
Adam Tyra’s Post
More Relevant Posts
-
In our hyperconnected Digital+ world, your success depends on a #secure enterprise. We can help you make the right decisions to help protect your #software, manage all endpoints, and keep your organization safe. Learn more: https://hclsw.co/pt926i #EnterpriseSecurity #FueledByHCLSoftware
-
In our hyperconnected Digital+ world, your success depends on a #secure enterprise. We can help you make the right decisions to help protect your #software, manage all endpoints, and keep your organization safe. Learn more: #EnterpriseSecurity #FueledByHCLSoftware
In our hyperconnected Digital+ world, your success depends on a #secure enterprise. We can help you make the right decisions to help protect your #software, manage all endpoints, and keep your organization safe. Learn more: https://hclsw.co/pt926i #EnterpriseSecurity #FueledByHCLSoftware
-
The recent Microsoft outage caused by the CrowdStrike security update highlights the fragility of the overall internet ecosystem that hosts software applications accessible in the public domain or those that interact with other public domain applications. This catastrophic event raises several critical questions that the technology industry, regulatory authorities, and governments must address collectively, given the direct impact such incidents have on the public that affect millions of people across the globe. Are we building truly resilient applications? While our focus is on application and infrastructure resiliency, we assume that the underlying global internet ecosystem is resilient. What if this global ecosystem is compromised? Do we have an alternative, parallel ecosystem that can be activated in case of such incidents? Decentralisation of the internet ecosystem: A few players currently control the internet ecosystem, including cloud services. These entities are perceived as "too big to fail," which is a significant concern. Prioritising the decentralisation of this ecosystem is essential to mitigate risks. Regulatory controls: There should be established parameters for the resiliency of applications hosted in the public domain or those affecting the public's daily life. These parameters need regular evaluation, and a regulatory body should oversee this process to ensure transparency and compliance. Transparency: Software applications must be more transparent when interacting with components outside their domain. Clear communication and visibility into these interactions are crucial. Liabilities: Software companies must be held accountable for public damage caused by their faulty software. The responsibility lies with these companies to develop genuinely resilient software, especially if deployed in the public domain or handling the people's daily affairs.
-
Additional step into software https://lnkd.in/d68QKBnm
-
🚨 Is your business still running on outdated software? It could be costing you more than you think! From high maintenance expenses and security vulnerabilities to decreased productivity and missed opportunities for growth, legacy systems are dragging businesses down. In today’s fast-paced world, the right technology is key to staying competitive. Learn how upgrading your software can help cut costs, boost efficiency, and set your business up for success. 💡 Read the full article here 👉 https://lnkd.in/dG2UEXqm #BusinessGrowth #DigitalTransformation #TechUpgrade #Innovation #LegacySystems #Cosmoxyn
Why Legacy Software Systems Are Costing Your Business More Than You Think
medium.com
-
Managing complex networks can be challenging—do you lack a clear view of device connections? This is where network map software comes in! Virima's latest blog discussed the features and benefits of the same. Key highlights include: ✔️What is network map software? ✔️Benefits of #networkmapsoftware ✔️Key features of #networkmap software ✔️How to choose the right network #mapsoftware ✔️Why choose Virima for network map software? To know all the above in details, read this blog now=> https://lnkd.in/evyGgZrg
The ultimate guide to network map software: Features and benefits | Virima
https://virima.com
-
Managing complex networks can be challenging—do you lack a clear view of device connections? This is where network map software comes in! Virima's latest blog discussed the features and benefits of the same. Key highlights include: ✔️What is network map software? ✔️Benefits of #networkmapsoftware ✔️Key features of #networkmap software ✔️How to choose the right network #mapsoftware ✔️Why choose Virima for network map software? To know all the above in details, read this blog now=> https://lnkd.in/e9dpfyft
The ultimate guide to network map software: Features and benefits | Virima
https://virima.com
-
Why Is Your Software Losing Network Connection? Losing network connection with your software? Discover surprising causes and effective solutions to enhance your digital experience. https://lnkd.in/eCzsBKhy
Why Is Your Software Losing Network Connection?
https://dr-it.co.uk
-
For those that are in need of a solution to the #Crowdstrike update for your HyperV and VMWare environments.
Fenix24 has released recovery scripts to aid companies impacted by the recent global technology outage linked to CrowdStrike. The solution, building on CrowdStrike's previous fix for unaffected computers, offers tools to deploy the CrowdStrike script to any device in Safe Mode with networking enabled, thus enabling rapid remediation at scale for machines already experiencing the "blue screen of death." UPDATE Hyper V solution released: Update Number 1 1:37PM CST: This process is intended for VMs on a Hyper-V host, This script must be ran from the Hyper-V host directly. This script will mount all VM's VHDs defined in the $vmNames variable, It will hunt and remove the impacted CS files. The VMs will be shut down, files cleaned, and then powered back up. UPDATE 2 2:22 PM CST: This process is for use to remediate the CrowdStrike update issue on VMWare virtual machines. The process will connect to the vCenter server, capture all VMs in vCenter, remove the update file from each, then disconnect from vCenter. We are proud to provide this free, swiftly developed solution as part of our commitment to being a Good Samaritan and offering help where we can make a difference. Please go here to gain access to everything
Crowdstrike Outage REMEDIATION - Fenix24
https://fenix24.com
-
In the #ConsumerProducts industry, software solutions play a pivotal role in driving business performance. But, when a software solution reaches its end of life, several negative implications can arise, impacting the efficiency, security, and competitiveness of a business. In our latest #blog article, we explore how to avoid the need for a difficult transition - take a read below!
Navigating the Pitfalls of End of Life (EOL) Software
aforza.com
Cyber Risk Thought Leader | Executive Level Strategist | Board Advisor | Board Member
5moI take it you're a glass half full kinda guy Adam :)