National Cyber Security Centre CTO Ollie Whitehouse kicked off day two of British infosec conference CYBERUK with a tirade on the tech market, pulling it apart to demonstrate why he believes it's at fault for many of the security problems the industry is facing today.
He pointed to the circa 14 percent increase in disclosed and registered vulnerabilities, the ones that intelligence agencies are aware of, that is, to illustrate the point. "We have levels of technical debt, extremely high levels in organizations, and in technology more generally. And the vulnerability when it is found, that technical debt is often really, really quite shallow."is that while we can measure it, the industry needs to impose a cost of negligence on failing vendors, and not simply allow them to escape that liability through their terms and conditions.