Experts Cite Software's Role In Cyberattacks
Security observers said Tuesday that software developers should be accountable for programming errors that enable cyberattacks, Nextgov reported.
Programming errors are behind most major security bugs and cyber crime, including recent attacks on Google, according to a new list of the top 25 tech mistakes released by the SANS Institute, a research cooperative, and MITRE Corp., a nonprofit technology organization. In addition to the latest rankings, acquisition experts announced new standards for contract language aimed at protecting software buyers from being held responsible for faulty code.
"Nearly every attack is enabled by mistakes programmers make that provide a handhold for attackers," wrote Alan Paller, director of research at SANS Institute in an e-mail. "The only way programming errors can be eradicated is by making software development organizations legally liable for the errors. And that can only be done if there is a safe harbor. The announcement on Tuesday is the foundation for the safe harbor."
The list ranks programming and design errors based on prevalence and importance. It also includes information on mitigation strategies to help developers reduce or eliminate weaknesses. To read more , click here.
Categories:
Cybersecurity
Join the Discussion
The National Journal Group has the right (but not the obligation) to monitor the comments and to remove any materials it deems inappropriate.
Comments powered by Disqus