On Thursday, June 10, Axios technology policy reporter Ashley Gold discussed the state of cybersecurity and the impact of software supply chains in preventing security breaches, featuring Sen. Mark Warner (D-Va.) and Thistle Technologies founder & CEO Window Snyder.
Sen. Warner discussed cybersecurity policy and the need for swift action from Congress.
- On what policymakers need to do about cybersecurity: "Congress needs to act...We are working on a bill that would require mandatory reporting if you are a critical infrastructure company or a federal government contractor or the government itself...What we have right now is simply voluntary reporting."
- On how to address cyber threats: "We need to up our game. We need to do better on defense. But defense alone will not solve this problem. We're going to need offensive capabilities. And that starts at least with making sure the government knows what's going on so we can bring those capabilities to bear."
Window Snyder unpacked trends in cybersecurity attacks as well as why technologies that depend on third-party components leave themselves more vulnerable.
- On the increase in ransomware attacks: "I think there is an increase in these kinds of attacks with ransomware. There is a business model that's been established, it's been demonstrated successful for those criminals...The other end of it is that it feels more impactful to folks who are not deeply embedded in the industry because it's actually impacting things that consumers can feel."
- How third-party technologies make security more complicated: "[Companies] are realizing that the technology products that they produce are not just built of components that they control, but are also incorporating third-party technologies that increase the complexity of these systems...The product is assuming all the security risks of risk of all of the components that it incorporates."
Axios Chief Revenue Officer Fabricio Drumond hosted a View from the Top Segment with Google vice president of security Royal Hansen who discussed how businesses can make their software supply chains more secure.
- "You are incredibly dependent in every part of your life on software. And as the number of lines of code grows you only increase your dependence and the risk...It's going to take up businesses, not only the efforts to write their software more securely but to understand all of their dependencies and the vendors they use."
Thank you Google for sponsoring this event.