Published on June 17th, 2009 📆 | 5692 Views ⚑
0David Rice at GOVCERT.NL 2008: Geekonomics – incentives for sustainable cybersecurity
Text to Speech
At the GOVCERT.NL Security Conference 2008 in the Netherlands, David Rice (The Monterey Group) gave this talk based on his book 'Geekonomics'.
More information at www.govcertsymposium.com
Abstract:
Economic, legal, and regulatory incentives in the software market are missing, distorted, or perverted. This allows software manufacturers to continuously "dump" vast quantities of vulnerabilities into the global stream of commerce, with little consequence to them and with great consequence to everyone else. The money expended on cyber security is, in part, to deal with the effects of insecure software, not to prevent insecure software in the first place. This simply is not sustainable. It should be more expensive (and more difficult) for attackers to discover vulnerabilities than for software buyers to protect against an unrelenting deluge of vulnerabilities. Because of software's pervasiveness, "bad" software is no longer a technical issue, but public policy issue.
In this talk David Rice discusses possible incentives for creating sustainable cyber security for the global community.
source
Gloss