A top U.S. cybersecurity official advised companies to work harder to prioritize securing their services for customers, suggesting that new legislation should be implemented to ensure they maintain secure software. Jen Easterly, the Cybersecurity and Infrastructure Security Agency Director (CISA) highlighted Apple as an example, noting their transparency and accountability security practices.
Why it matters: Multifactor authentication is the key to the castle for securing devices and services, and Apple has excelled in taking ownership of the security outcomes of their users, according to Easterly.
- Apple made multifactor authentication the default option for iCloud users, resulting in 95% of users adopting the security measure.
- Although companies like Microsoft and Twitter have low multifactor authentication adoption rates, Easterly still praised the companies for being transparent with their numbers.
- Easterly suggested that legislation to “prevent technology manufacturers from disclaiming liability by contract, establishing higher standards of care for software in specific critical infrastructure entities, and driving the development of a safe harbor framework to shield from liability companies that securely develop and maintain their software products and services,” should be implemented.