A Consumer Reports model could be what finally forces companies to better protect our data

A Consumer Reports model could be what finally forces companies to better protect our data

A Consumer Reports model could be what finally forces companies to better protect our data

The numbers are depressing. An estimated 700 million data records were stolen in 2015. But despite the billions spent on computer security, flaws that allow such attacks are fixed slowly. A June report found that financial companies, for example, take on average over five months to fix known online security vulnerabilities.

“The security industry gets $75 billion every year to try to secure things, and what you get for that is everybody is hacked all the time,” said Jeremiah Grossman, chief of security strategy at SentinelOne, speaking at the Black Hat security conference in Las Vegas on Wednesday.

Yet Grossman and some other veterans of the security industry have lately become more optimistic. They see a chance that companies will soon have much stronger financial incentives to invest in securing and maintaining software.

A new nonprofit called the Cyber Independent Testing Laboratory (CITL) has developed ways to score and compare the security of software products such as Web browsers and operating systems. The aim is to help consumers and companies choose the most secure products, and to shame those putting our data at risk into doing better.

Read Also:
What Recruiters and Hiring Managers Are Looking for in a Data Scientist

That effort comes at a time insurance companies have begun to take an interest in understanding the risks for security breaches, something that could create new financial incentives for companies to pay attention to security. Insurers could pressure companies in a similar way to the industry’s role in advancing auto and electrical safety. PwC reported last year that companies are being forced to rely more heavily on cyber insurance because the costs of corporate data breaches are growing fast.

CITL was established by high-profile hacker Peiter Zatko, also known as Mudge, and his wife, Sarah, who is also a security researcher. The pair presented their first results at the Black Hat conference Wednesday, showing how analysis methods they had developed can assign a range of security scores to different software programs.

CITL is modeled on Consumer Reports, and will publish scores aimed at non-experts as well as more detailed assessments for industry insiders.

 

Read Also:
Wearables Data Support Proactive Treatment in Senior Care


Data Innovation Summit 2017

30
Mar
2017
Data Innovation Summit 2017

30% off with code 7wData

Read Also:
Are you still struggling with your data?

Big Data Innovation Summit London

30
Mar
2017
Big Data Innovation Summit London

$200 off with code DATA200

Read Also:
4 ways to keep digital business development on course

Enterprise Data World 2017

2
Apr
2017
Enterprise Data World 2017

$200 off with code 7WDATA

Read Also:
Are you still struggling with your data?

Data Visualisation Summit San Francisco

19
Apr
2017
Data Visualisation Summit San Francisco

$200 off with code DATA200

Read Also:
The goal of big data: Making the unusual usual

Chief Analytics Officer Europe

25
Apr
2017
Chief Analytics Officer Europe

15% off with code 7WDCAO17

Read Also:
What Recruiters and Hiring Managers Are Looking for in a Data Scientist

Leave a Reply

Your email address will not be published. Required fields are marked *