Home US Cybersecurity Head Says Tech Ecosystem is Really Unsafe
Software News

US Cybersecurity Head Says Tech Ecosystem is Really Unsafe

James Capell
In our content, we occasionally include affiliate links. Should you click on these links, we may earn a commission, though this incurs no additional cost to you. Your use of this website signifies your acceptance of our terms and conditions as well as our privacy policy.
Jen Easterly | US cybersecurity
Image Credit: CISA

The head of the US Cybersecurity and Infrastructure Security Agency (CISA) has warned that the current technology ecosystem has too many security issues.

In a recent interview with Yahoo Finance at the CES 2023 conference in Las Vegas, CISA Director Jen Easterly emphasized the need for collaboration between tech companies, consumers, and the government to enhance cyber safety.

In recent years, independent hackers and state-sponsored actors have targeted a range of systems, including critical US infrastructure, government IT systems, hospitals, and banks.

Easterly, who was appointed as CISA director in 2021, explained that tech firms must make sure the software they release into the market has fewer flaws that can be exploited. Easterly said to Yahoo Finance,

We live in a word of massive connections where that critical infrastructure that we rely upon is all underpinned by a technology ecosystem that unfortunately has become really unsafe. We’ve essentially accepted as normal that technology is released to market with dozens or hundreds or thousands of vulnerabilities and defects and flaws.

She further went on to say,

We’ve accepted the fact that cyber safety is my job and your job and the job of my mom and my kid, but we’ve put the burden on consumers, not on the companies who are best equipped to be able to do something about it.

Microsoft Must Be Held to a Higher Standard (Not Really)

Easterly stated that tech giants like Microsoft must be held to a higher standard to ensure their software is as free of flaws as possible. To achieve this, companies must:

  • Create products that are secure by design
  • Ensure that their software has security settings turned on by default, and
  • Encourage their CEOs to embrace good corporate cyber responsibilities

While it’s all well and good Easterly calling for better security, the comments feel a little misguided. Tech giants already invest a large number of their resources into cybersecurity and have attractive bug bounty programs to find and fix issues before malicious actors.

It’s already in the best interest of tech companies to be as secure as possible, as poor security practices can severely damage a company.

It’s also strange that Easterly pokes the finger at Microsoft as a fair amount of security issues come about due to user maloperations rather than flaws in Microsoft’s or other big tech products.

If the technology in the ecosystem is used correctly, the risk to consumers is small. We arguably live in the most cyber-safe times with stronger encryption and multifactor authentication becoming available.

If hospitals leave their backdoor open to malicious hackers, it’s hardly the fault of big tech.

The Tech Report - Editorial ProcessOur Editorial Process

The Tech Report editorial policy is centered on providing helpful, accurate content that offers real value to our readers. We only work with experienced writers who have specific knowledge in the topics they cover, including latest developments in technology, online privacy, cryptocurrencies, software, and more. Our editorial policy ensures that each topic is researched and curated by our in-house editors. We maintain rigorous journalistic standards, and every article is 100% written by real authors.

James Capell

James Capell

Technical editor and journalist. I have a particularly strong interest in NLP, AI ethics and cyber crime. Not too fond of cats.