Skip to content ↓ | Skip to navigation ↓

During his speech at Black Hat, Dan Geer, CIO of the CIA’s investment arm In-Q-Tel, laid out a five-point plan to fix online security. Steps in this plan included:

  • holding software vendors accountable for bad products
  • giving IOT devices a remote management interface or a fixed lifetime and
  • having the governments buy every new software bug

How feasible is this plan?

Listen to our latest security slice podcast and hear  Lamar Bailey, Craig Young and Lane Thames  discuss why “remote management interface” strikes fear into the hearts of security researchers, why security warranties benefit vendors more than customers and why government agencies can never buy every vulnerability.





picCheck out Tripwire SecureScan™, a free, cloud-based vulnerability management service  for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the Heartbleed vulnerability.

The Executive’s Guide to the Top 20 Critical Security Controls pic

Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].

Title image courtesy of ShutterStock