If patching isn’t a viable solution, we have to find vulnerabilities before they’re hacked—and, more importantly, before they become entrenched in the underlying system and lobbyists start pushing for them to be normalized. In financial systems, government agencies could engage in red-teaming by hiring accountants and attorneys to study the systems as they evolve, and to improve regulations while they are still in draft.
Andy Lo
