“It’s on you Tech firms” is President Biden’s message to technology companies. The Biden administration today issued cybersecurity strategy that calls on software makers and American industry to take far greater responsibility to assure that their systems cannot be hacked, while accelerating efforts by the F.B.I. and the Defense Department to disrupt hackers and ransomware groups around the world. I’m not sure I don’t disagree with this but I’m not sure if it will fly. Hackers and Ransomware attackers are constantly honing their skills and for a software vendor to keep up with it many be nearly impossible.
It’s On You Tech Firms!
For years, the government has pressed technology companies to voluntarily report intrusions in their systems and regularly “patch” their programs to shut down newly discovered vulnerabilities, much as an iPhone does with automatic updates every few weeks, as well as Microsoft, etc. The new National Cybersecurity Strategy concludes that such voluntary efforts are insufficient in a world of constant attempts by sophisticated hackers, often backed by Russia, China, Iran or North Korea, to get into critical government and private networks. Still, it may be nearly impossible to keep up. Vendors update but it is still up to the consumer to install the updates. Some of the updates interfere with the vendor software. It’s a constant fluid evolvement. There is a much greater expense to the vendor that will most definitely be passed onto the consumer. They will need more employees…expensive ones to do research, development and programming. Still, there is no guarantee this will work.
Who is Responsible?
Who will be responsible? The operating system vendors, the firewall vendors, the network administrators? Who has the responsibility now? It may already be on the tech firms. The government is called in AFTER the attack. How can the tech firms keep up with China, Russia, etc.? The government will continue to do its part but It’s on you tech firms! I am going to sit back and watch!
Sheryl Cherico, Sr. Cybersecurity Consultant