“Unfortunately, the technology underpinning our critical infrastructure is inherently insecure because of DECADES of software developers NOT BEING HELD LIABLE for defective technology. That has led to incentives where FEATURES and SPEED to market have been prioritized AGAINST SECURITY, leading our nation VULNERABLE to cyber invasion. That has to stop,” Jen Easterly, CISA

The policy we need is YEARS behind the current technology, and utterly inadequate to protect citizens against threats and scams.

We lack protections and bear the brunt of the damage.

Two clear examples -

1: SIM swapping.

A bad actor was able to convince a telecommunications store to transfer a phone number to a new device by impersonating the owner. This allowed the criminal to:

- Access private account information and steal money.

- Gain all those 2FA codes sent via text message.

- Gain access to their social media accounts, email accounts... what other apps are on your phone?

Should telecom companies be held responsible for failures that enable financial crimes?

2: Deepfakes and nonconsensual graphic images.

The growing threat of manipulated media - widespread technology usage to generate fake but realistic graphic images and no legal consequences.

While Taylor Swift's massive fan base is championing federal penalties for these deepfake images, we drag our feet in spite of the urgent need for policy reforms to protect individuals from harmful uses of emerging technologies that currently have little oversight.

Listen to this 15-min episode of #LiveOnCyber with Stan Stahl, PhD and Julie Michelle Morris and let's talk today's problems and potential solutions.