Vendors Know Where Their Products Fail
In his second podcast with UberKnowledge Malcolm suggests the cyber skills shortage has been created by the industry’s own approaches. He believes security needs to be about protecting business outcomes and suggests the best way to do this is to factor security and privacy into the design of technology. He also reminds us that vendors know where their products fail, they are simply economically disincentivized to change.
- 01:52 The cyber skills shortage is real, but it’s been created by the approaches we’ve taken.
- 01:59 We’re in a reactive mode focused on detection and response, throwing bodies at the problem, and it’s ineffective.
- 04:05 We have to do a better job of applying a stringent security development lifecycle in the creation of technology.
- 05:33 Identify risk and reduce it by making it part of the product design goal.
- 06:48 The vendor community knows where its products fail. It does nothing about that because it can sell you six others to plug the gap.
- 07:33 If a product doesn’t do what it is designed to do in an effective, efficient fashion, get rid of it.
- 11:01 Security has to be about protecting business outcomes.
- 12:14 Three-fifths of companies claiming to use AI and machine learning aren’t. It’s just marketing hype.
- 14:04 The practitioner community needs to collaborate and provide better insights.
- 16:22 Younger generations want to do something that matters, and things that matter are hard.
- 17:09 If you have something to fight for, you have something to fight with. We shouldn’t be fighting each other on the approaches.