smartnuts … the world on the cabaret-style dissecting table

Makers of insecure software are the real cyber villains

By Michael Bunzel
In Cybercrime, Cybersecurity, IT Security, Technology
3 Wochen ago
1 Min Read
M

You’re not used to hearing such strong words at snake-oil conferences. But she said them in her keynote at Mandiant’s mWise conference – Jen Easterly, head of the Cybersecurity and Infrastructure Security Agency (CISA), an agency of the US government. And not being one to take prisoners or do things by halves, she adds: “Even calling security holes ‘software vulnerabilities’ is too lenient. That phrase really diffuses responsibility. We should call them ‘product flaws…'”

And she continues: “Despite a multi-billion-dollar cybersecurity industry, we still have a multi-trillion-dollar software quality problem that leads to a trillion-dollar global cybercrime problem.”

Also very nice: “We don’t have a cybersecurity problem, we have a software quality problem. We don’t need more security products – we need more secure products.

About the author

Michael Bunzel

Michael (Mike) Bunzel (aka maschasan) is a lawyer and engineer currently living in Germany. He has been working in the field of Cybersecurity and related laws and regulations for over 25 years now.

Mike took on various roles and functions in the context of Information Security, Cybersecurity, and SCADA/Shopfloor Security at a German car manufacturer in southern Germany for more than fifteen years now - currently in the R&D resort, with focus on E/E-systems in the context of automotive cybersecurity.

Mike has worked with global organizations across dozens of countries, cultures and languages, well-travelled in EMEIA, APAC and the Americas.

All articles in this blog do NOT reflect the opinion of his employer, but are all an expression of his personal view of things.

View all posts

Read more

1 Monat ago

Wir sind wieder Wer (II)

By Michael Bunzel
3 Min Read
14September

…. zumindest, wenn es nach der ITU geht: Deutschland ist einem Bericht der UN-Organisation für Telekommunikation (ITU) zufolge eines der Vorzeigeländer in Sachen Cybersicherheit. Im globalen Cybersicherheitsindex 2024 ist Deutschland eines von 46 Ländern, die die ITU wegen ihrer Maßnahmen als Vorbilder bezeichnet. Insbesondere heben die Verfasser dieses Berichts Deutschland lobend...

1 Monat ago

Die klauen unser Know-How!

By Michael Bunzel
2 Min Read

Ein kurzer Realitätsabgleich zur den Stammtischparolen, dass “die Chinesen” immer noch massenweise technologisches Know-how aus Europe raustragen: Im Juli diesen Jahres gab es ein Treffen in Beijing zwischen Regierungsvertretern und den Spitzenmanagern der chinesischen Automobilkonzerne wie BYD, Great Wall, SAIC, Aiways, Nio, Lynk&Co, …. . Bei diesem Treffen wurden die...

1 Monat ago

UNser Geschenke für Euch

By Michael Bunzel
2 Min Read
04September

…. dachte sich wohl die 12%, 8%, 5%, 3% Porschefahrerpartei, die gerade das BMDV hostage hält, als sie die Idee vom “anerkannten Dienst zur Einwillgungsverwaltung” gebar. Mit “Euch” seid freilich nicht ihr, liebe Leser, gemeint. Mit “Euch” wird vielmehr die Content- und Werbemafia adressiert, die möglichst ungestört ihrem widerlichen Geschäft der...

2 Monaten ago

Don’t try to explain my world to me!

By Michael Bunzel
7 Min Read
31August

I’m not going to waste my time ranting about generational conflicts or “everything used to be better” nonsense. No – this is a rant about the consulting industry in cybersecurity. It’s time to call out the nonsense and demand better. Everyone knows them. They’re the self-proclaimed CEOs of some consulting clique, the thought cybersecurity leaders, the keynote...

By Michael Bunzel 3 Wochen ago
smartnuts … the world on the cabaret-style dissecting table

Get in touch

Tags

Advisory Business (1) AI (5) Automotive (1) Belt and Road (1) Berater (1) China (1) CISA (1) Cookie-Einwilligung (1) Cyber-Cyber (1) Cyberpolitik (2) Cybersicherheitsindex 2024 (1) DDR (1) Degenerative KI (1) Elsevier (1) EU (1) FDP (2) Geschichtsaufarbeitung (1) Gier (1) Hacker (3) ITU (1) Jen Easterly (1) John Wiley & Sons (1) Kowalczuk (1) Kriminalpolitik (1) Large Language Models (2) Legal Interception (1) LinkedIn (1) LLM (3) Made in China 2025 (1) Mövenpick-Partei (1) Ostdeutschland (1) Peer-Review (1) risk management (1) Security Landscape (1) snake-oil-dealer (1) software quality (2) Sozialdarwinismus (1) SPD (1) Stasi (1) Umfallerpartei (1) UN R155 (2) Verlagsmonopol (1) Volksparteien (1) Werbemafia (1) Wolters Kluwer (1)