UK Cyber CTO: Vendors' Security Failings Are Rampant

BLACK HAT EUROPE 2023 - London - Modern cybersecurity solutions are not good enough to keep up with attackers' growing capabilities, allowing threat actors to operate without sufficient ramifications.
That's according to Ollie Whitehouse, chief technology officer of the UK's National Cyber Security Centre.
In the opening keynote of Black Hat Europe in London today, Whitehouse highlighted a number of challenges and opportunities that the industry faces and should be looking to address.
Whitehouse - who joined the NCSC in September and previously served as CTO of consultancy NCC Group and in research roles for BlackBerry and Symantec - specifically highlighted a number of issues caused by gaps in security vendor products and behavior that work against the goal of a more cyber-secure world.
Particularly when it comes to software-as-a-service, how deep the security protections are depends on the tier, he pointed out - the more money spent, the more secure it is.
Whitehouse also said there is an opportunity for greater transparency from vendors, particularly those who sell both on-premises and SaaS products.
Many times, a vendor will disclose a vulnerability in an on-premises solution, but not for the SaaS version of a product.
Finally, looking ahead, he called for security vendors to pay more attention to attacks against industrial control systems.
Implement Basic Security Best Practices In terms of how to shore up security without being held hostage by individual vendors, Whitehouse highlighted several items of low-hanging basic security fruit he would like to see addressed by organizations.


This Cyber News was published on www.darkreading.com. Publication date: Wed, 06 Dec 2023 19:45:17 +0000


Cyber News related to UK Cyber CTO: Vendors' Security Failings Are Rampant