Jen Easterly, the Director of the Cybersecurity and Infrastructure Security Agency (CISA), recently criticized the adoption of some security protocols by Microsoft Corp. and Twitter Inc. in her speech on Monday, February 29th. According to Easterly, these technology giants’ approach to protecting user accounts against ransomware attacks is ‘disappointing.’ In her speech, Easterly also highlighted that the nation’s essential services, including energy supply, food production, hospitals, and schools, are crippled by ransomware attacks facilitated by bad software and unsafe practices.
She stressed the need for robust security measures to prevent such attacks and protect the country’s critical infrastructure. Easterly called for the default enrollment of users in basic safeguards such as multi factor authentication, a security method that requires users to log in with a username, password, and an additional layer of verification.
“Technology manufacturers must take ownership of the security outcomes for their customers,” Easterly said at Carnegie Mellon University, according to prepared remarks shared in advance with Bloomberg News. “The government can also play a role in shifting liability onto those entities that fail to live up to the duty of care they owe their customers.”
