See my previous post on CWE 1277: Firmware Not Updatable.
The article, “Design for Cybersecurity from the Start” in MIT Sloan Management Review, really nails the continued issue with security for product design. Note I didn’t say “connected products” because that would be letting everyone who thinks they don’t design a connected product off the hook, and that thought process is one of the reasons we are in this mess as this article alludes.
The original articled is paywalled, but fortunately, I get my words on paper, still and I’ve added my highlights on it so I can remember the important discussion points. Later, I’ll scan the article with my highlights and sell it as an NFT.
I’ll talk about why cybersecurity gets no respect, why I’m liking the emergency preparedness analogy to cybersecurity, anecdotes of my experiences that line up with this article’s findings, and what organizations can do to improve their standings in this area.