Bestgamingpro

Product reviews, deals and the latest tech news

Tech Companies Must Take Security Responsibility

It’s simple to get mesmerised by the cutting-edge technology unveiled at CES. Where else can you find flying cars, pee-sensing toilets, and an overwhelming number of robots?

The need for tech companies to prioritise security and privacy and build it in from the start is highlighted by this new technology, which frequently collects enormous amounts of personal data from untold numbers of consumers.

As Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency, noted during a CES panel, “data protection concerns are frequently pushed to the back burner in favour of exciting new features, keeping costs low, and getting the tech to market as quickly as possible.”

That’s in part because neither the government nor the general public are held accountable.

Easterly said, “We don’t seem to be recognising that as a fundamental safety issue.” He added that while businesses have many incentives to produce goods quickly and cheaply, there are few incentives to make them safe.

Sadly, this places the responsibility of protecting technology on users, who are least qualified to comprehend cyberthreats and protect themselves from them, according to Easterly.

Speaking on a CES panel, CrowdStrike CEO George Kutz said that the average person shouldn’t have to consider security beyond the most fundamental levels.

Consumers should receive some sort of assurance that a technological purchase, like a home security camera, will be secure and supported with software updates for a predetermined period of time, say five years, according to Kutz. They may be left on their own after that, but they won’t have to give it any thought in the interim.

The same problems will keep happening, according to Kurtz, “until there’s some level of oversight and regulation and, you know, some sort of sensible practise in how people buy these things and how they view security as a differentiator.”

According to Bitdefender’s Dan Berte, head of internet of things research, it wouldn’t be too much to ask of tech companies to secure and maintain their products for at least a few years.

The majority of the previous year was devoted to Berte’s team’s analysis of flaws in various brands of internet-connected cameras. They found security flaws in a number of the products, which they then reported to the manufacturers. However, according to him, it was difficult to get many of those manufacturers to recognise and address the issues.

In an interview with CNET, Berte stated, “I think responsibility should be required by law — that you provide instant patching and support for three years, especially if a vulnerability is reported.

He suggested fining businesses that don’t do this and removing repeat offenders’ products from the market.

Just like food manufacturers are required to list the ingredients in their products, tech companies should also be required to be transparent with consumers about the security protections that are built into their technology, according to Eastery.

People will have a better chance of making informed decisions about the types of technology they bring into their homes in this manner. She added that this transparency might encourage tech companies to prioritise product security as a matter of course.

From a consumer perspective, we really need to be demanding better safety in our products, said Easterly. “Technology companies are actually pushing and trying to get there,” he said.

The majority of the previous year was devoted to Berte’s team’s analysis of flaws in various brands of internet-connected cameras. They found security flaws in a number of the products, which they then reported to the manufacturers. However, according to him, it was difficult to get many of those manufacturers to recognise and address the issues.

In an interview with CNET, Berte stated, “I think responsibility should be required by law — that you provide instant patching and support for three years, especially if a vulnerability is reported.

He suggested fining businesses that don’t do this and removing repeat offenders’ products from the market.

Just like food manufacturers are required to list the ingredients in their products, tech companies should also be required to be transparent with consumers about the security protections that are built into their technology, according to Eastery.

People will have a better chance of making informed decisions about the types of technology they bring into their homes in this manner. She added that this transparency might encourage tech companies to prioritise product security as a matter of course.

From a consumer perspective, we really need to be demanding better safety in our products, said Easterly. “Technology companies are actually pushing and trying to get there,” he said.