We must lock down the code. Nobody will bother to invest in making the higher-up layers more secure if our basic foundations are still weak. We can’t redo the internet or swap out the world’s code, nor should we try. But we can significantly raise the bar for the cybercriminals and nation-states looking to profit and wreak havoc on our infrastructure. To do this, we must stop introducing glaring bugs into our code. Part of the problem is the economy still rewards the first to market. Whoever gets their widget to market with the most features before the competition wins. But speed has always
...more
