smartnuts … the world on the cabaret-style dissecting table

Makers of insecure software are the real cyber villains

By Michael Bunzel
In Cybercrime, Cybersecurity, IT Security, Technology
2 Monaten ago
1 Min Read
M

You’re not used to hearing such strong words at snake-oil conferences. But she said them in her keynote at Mandiant’s mWise conference – Jen Easterly, head of the Cybersecurity and Infrastructure Security Agency (CISA), an agency of the US government. And not being one to take prisoners or do things by halves, she adds: “Even calling security holes ‘software vulnerabilities’ is too lenient. That phrase really diffuses responsibility. We should call them ‘product flaws…'”

And she continues: “Despite a multi-billion-dollar cybersecurity industry, we still have a multi-trillion-dollar software quality problem that leads to a trillion-dollar global cybercrime problem.”

Also very nice: “We don’t have a cybersecurity problem, we have a software quality problem. We don’t need more security products – we need more secure products.

About the author

Michael Bunzel

Michael (Mike) Bunzel (aka maschasan) is a lawyer and engineer currently living in Germany. He has been working in the field of Cybersecurity and related laws and regulations for over 25 years now.

Mike took on various roles and functions in the context of Information Security, Cybersecurity, and SCADA/Shopfloor Security at a German car manufacturer in southern Germany for more than fifteen years now - currently in the R&D resort, with focus on E/E-systems in the context of automotive cybersecurity.

Mike has worked with global organizations across dozens of countries, cultures and languages, well-travelled in EMEIA, APAC and the Americas.

All articles in this blog do NOT reflect the opinion of his employer, but are all an expression of his personal view of things.

View all posts

Read more

3 Wochen ago

Business consulting – or the easy way to make some extra cash

By Michael Bunzel
1 Min Read
01November

The management consultants at McKinsey have once again used all their cognitive resources to identify a worthwhile target for a (‘scientific’) study1, and then eloquently and confidently set out to achieve it. OK – that may sound a little pejorative. Perhaps we should put it like this: They kicked down another barn door that was already wide open and discovered that AI’s...

4 Wochen ago

China-Sanktionspolitik und ihre Folgen

By Michael Bunzel
4 Min Read
26Oktober

Im Ringen um politische und vorallem wirtschaftliche Vorherrschaft sind Sanktionen ein häufiges anzutreffendes und ebenso häufig untaugliches Mittel, um mittel- und langfristig die Oberhand zu gewinnen. Jüngstes Beispiel ist die US-Sanktionspolitik in Richtung China bezüglich des Zugangs des Reichs der Mitte zu State-of-the-art Chiptechnologie. Hierbei geht es nicht so sehr um den Import von...

2 Monaten ago

Wir sind wieder Wer (II)

By Michael Bunzel
3 Min Read
14September

…. zumindest, wenn es nach der ITU geht: Deutschland ist einem Bericht der UN-Organisation für Telekommunikation (ITU) zufolge eines der Vorzeigeländer in Sachen Cybersicherheit. Im globalen Cybersicherheitsindex 2024 ist Deutschland eines von 46 Ländern, die die ITU wegen ihrer Maßnahmen als Vorbilder bezeichnet. Insbesondere heben die Verfasser dieses Berichts Deutschland lobend...

2 Monaten ago

Die klauen unser Know-How!

By Michael Bunzel
2 Min Read

Ein kurzer Realitätsabgleich zur den Stammtischparolen, dass “die Chinesen” immer noch massenweise technologisches Know-how aus Europe raustragen: Im Juli diesen Jahres gab es ein Treffen in Beijing zwischen Regierungsvertretern und den Spitzenmanagern der chinesischen Automobilkonzerne wie BYD, Great Wall, SAIC, Aiways, Nio, Lynk&Co, …. . Bei diesem Treffen wurden die...

By Michael Bunzel 2 Monaten ago
smartnuts … the world on the cabaret-style dissecting table

Get in touch

Tags

Advisory Business (1) AI (5) AI power consumption (1) Automotive (1) Belt and Road (1) Berater (1) China (2) CISA (1) consultancy (1) Cookie-Einwilligung (1) Cyberpolitik (2) Cybersicherheitsindex 2024 (1) DDR (1) Elsevier (1) FDP (2) Geschichtsaufarbeitung (1) Gier (1) Hacker (3) ITU (1) Jen Easterly (1) John Wiley & Sons (1) Kowalczuk (2) Kriminalpolitik (1) Large Language Models (2) Legal Interception (1) LinkedIn (1) LLM (3) Made in China 2025 (2) McKinsey (1) Mövenpick-Partei (1) Ostdeutschland (2) Peer-Review (1) Sanktionspolitk (1) Security Landscape (1) SME (1) snake-oil-dealer (1) software quality (2) SPD (1) Stasi (1) Umfallerpartei (1) UN R155 (2) Verlagsmonopol (1) Volksparteien (1) Werbemafia (1) Wolters Kluwer (1)