Share this page!

Nicole Perlroth Profile picture
Twitter logo
23 Dec, 6 tweets, 2 min read
My ‘22 cyber wish list:
1. MFA FOR EVERYONE. Idiotic we’re not mandating this for critical infrastructure.
2 DISCLOSURE. We only know about SolarWinds because @Mandiant did the right thing. What Americans don’t understand but enemies do: USG lacks visibility into critical systems
3 RIP OUT LEGACY SOFTWARE. Organizations should be fined for using Windows XP the same way Americans are fined for driving without updated registration. Madness.
4 PATCHING. “.
5 SECURE CODING BY DESIGN. I spent thousands to move my toilet plumbing 2” to bring it to code. Why…
aren’t we requiring this for safety critical systems like the grid, water, dams, pacemakers. More madness.
6 SBOM. Software bill of materials with security ratings for each piece of code. We require restaurant chains to disclose calorie counts but we have no idea how vuln…
erable or secure the code is that makes its way into autonomous trucks, cars, water treatment systems, etc. (Props to FDA for getting the ball rolling with med devices).
7 MORE GOOGLE PROJECT 0. Govt’ funding for tour of duty of the top US security engineers to find/plug 0days.
AND WHILE I’M SHOUTING. 8. Eradicate misogyny in infosec. I can’t tell you how many young women wrote to me after I got Twitter mauled to say “This is why we leave.” It has become a national security threat. We can’t address these challenges when we keep self-selecting jerks.
9 BE KIND TO ONE ANOTHER. We’re suffering from a mental health crisis. The world needs kindness more than ever.
10 Epidurals for every woman who wants one. Not cyber related but had to throw it in.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Nicole Perlroth

Nicole Perlroth Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @nicoleperlroth

Nicole Perlroth Profile picture
19 Jul
A few call outs from this morning’s blitz on Chinese cyber espionage. 1.We’ve known China’s Ministry of State Security contracts out some of its sensitive operations to a satellite network of hackers, now USG is calling them out by name (Yes!) and detailing the connections.
2. It’s not just front companies, USG is accusing Chinese universities of playing a critical role in MSS’ recruitment. We’ve reported on these connections before, but China is particularly sensitive about coverage that outs its universities.
3. My personal favorite! USG addresses zero day hoarding in its comments, noting that in this case, the NSA turned over additional Exchange zero days to Microsoft. I would like to buy the bureaucrat who inserted this phrase a beer: “Rather than withholding them...”
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @nicoleperlroth has new unrolls!

Check out other threads from @nicoleperlroth!

Read all threads by @nicoleperlroth

:(