One Article Review
| Source |  Schneier on Security |
|---|---|
| Identifiant | 8308223 |
| Date de publication | 2023-02-08 11:46:43 (vue: 2023-02-08 12:06:41) |
| Titre | SolarWinds and Market Incentives |
| Texte | In early 2021, IEEE Security and Privacy asked a number of board members for brief perspectives on the SolarWinds incident while it was still breaking news. This was my response. The penetration of government and corporate networks worldwide is the result of inadequate cyberdefenses across the board. The lessons are many, but I want to focus on one important one we've learned: the software that's managing our critical networks isn't secure, and that's because the market doesn't reward that security. SolarWinds is a perfect example. The company was the initial infection vector for much of the operation. Its trusted position inside so many critical networks made it a perfect target for a supply-chain attack, and its shoddy security practices made it an easy target... |
| Envoyé | Oui |
| Condensat | 2021 across are asked attack because board breaking brief but chain company corporate critical cyberdefenses doesn early easy example focus government ieee important inadequate incentives incident infection initial inside isn its learned: lessons made managing many market members much networks news number one operation penetration perfect perspectives position practices privacy response result reward secure security shoddy software solarwinds supply target that trusted vector want worldwide |
| Tags | |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.