The SolarWinds exploit demonstrates unacceptable weaknesses of the Cybersecurity profession. Cybersecurity has become a policy enforcement group as opposed to a group of technical professionals.

I’ve recently lived through a few weeks of having to deal with Cybersecurity experts in my attempts to deploy critical software updates.

Nothing can ship because there aren’t approved Assured Compliance Assessment Solution (ACAS) scans for the updates I want to deploy.

I argued that SolarWinds had approved ACAS scans but is a vulnerable piece of shit and none of them knew.

They stare at me. Blankly.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store