The Urgent Call to Address UK’s Flawed IT Security Market

Blog
The Urgent Call to Address UK’s Flawed IT Security Market

The failures in the technology market have sparked discussions within the UK government about the possibility of implementing legislation to force IT suppliers to prioritize the security of their products. Policy advisors believe that legislation may be necessary to incentivize software and hardware suppliers to develop products that are resilient against cyber attacks. The US is already considering a similar approach, with proposed laws that would hold software suppliers legally responsible if they deliver insecure products and services. Ollie Whitehouse, the chief technology officer at the National Cyber Security Centre, has highlighted the problem of the market failing to encourage technology suppliers to invest in securing their software. Despite the existence of advanced research projects that demonstrate the feasibility of creating cyber-resilient technology, suppliers are still failing to address the basics. The number of security vulnerabilities continues to rise, and many claims made by software companies do not align with reality. The market is primarily driven by value and cost, which often undermines cybersecurity efforts. Short-term solutions, such as the NCSC’s active cyber defense program, do exist, but the long-term goal is to change the dynamics of the security market. This involves promoting transparency regarding software costs, measuring effectiveness, and recording technical debt. Whitehouse suggests that fines for negligence should be imposed on software companies that sell insecure products. This would require a significant shift in the current system that allows software companies to evade responsibility for the damage caused by cyber attacks. Similar ideas are already being proposed in the US, where liability for software products and services is being considered by Congress. It is acknowledged that the UK government lacks the financial resources to persuade IT suppliers to accept liability for security failures through contracts alone. Academic research suggests that businesses and individuals are willing to pay more for secure software, but there are limits to how much extra they are willing to pay. Therefore, the UK may need to follow the US approach of introducing legislation to hold IT suppliers financially accountable for inadequate attention to security in their products. Although such a change will take time and face opposition from software suppliers, it appears to be the direction in which the industry is heading.

Unlock your business potential with our expert guidance. Get in touch now!

Contact us
AI & Neural Networks Applications Big Data and Data Analysis Blockchain Cloud Computing and Services Digital Marketing in IT Digital Transformation E-commerce Technologies GLOBUS.studio GLOBUS.studio IT Consulting and Strategies IT for Businesses IT Security and Cybersecurity Learning Mobile Development News Project Management SaaS Solutions SEO/SMO/SMM Software Development Technologies Uncategorised UX/UI Web Development
Merger-business-connect-adobe.jpg

Exclusive Interview with Abhijit Dubey, CEO of NTT Data on a Global Scale

  • GLOBUS.studio
tr_20240725-best-call-center-software.jpg

Top 6 Call Center Software Programs in 2024

  • GLOBUS.studio
bing-ai-search-jul-24.png

Microsoft is experimenting with incorporating new generative AI search technology into Bing

  • GLOBUS.studio
dice-risk-gamble-adobe.jpeg

Code42, an insider threat specialist, to be acquired by Mimecast

  • GLOBUS.studio
tr_20240724-best-data-science-courses.jpg

7 Top Data Science Courses You Should Take in 2024

  • GLOBUS.studio
Syrian-refugees-Turkey-Getty.jpg

NCA confiscates numerous social media profiles utilized by human traffickers

  • GLOBUS.studio
AdobeStock_781969564_Editorial_Use_Only.jpg

The Ultimate Guide for 2024

  • GLOBUS.studio

Explore More

Your Gateway to Useful Resources