During his speech at Black Hat, Dan Geer, CIO of the CIA’s investment arm In-Q-Tel, laid out a five-point plan to fix online security. Steps in this plan included:
- holding software vendors accountable for bad products
- giving IOT devices a remote management interface or a fixed lifetime and
- having the governments buy every new software bug
How feasible is this plan?
Listen to our latest security slice podcast and hear Lamar Bailey, Craig Young and Lane Thames discuss why “remote management interface” strikes fear into the hearts of security researchers, why security warranties benefit vendors more than customers and why government agencies can never buy every vulnerability.
CLICK HERE TO LISTEN TO THE PODCAST
- Security Slice: Big Bad USB
- Security Slice: Tearing Up Tor
- Security Slice: Security Up For Ransom
- Security Slice: CISPA 2.0?
Check out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the Heartbleed vulnerability.
The Executive’s Guide to the Top 20 Critical Security Controls
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Title image courtesy of ShutterStock