Security influencers provide real-world insight and “in-the-trenches” experiences on topics ranging from application security to DevOps and risk management


Point of View: Chrysler recalls 1.4 million hackable cars


“The interesting thing about this recall is not that it’s going to be expensive and inconvenient (it will), but that it shouldn’t have had to happen.  We already know the importance of auto-update.  Remember those painful years of downloading Windows updates only to have them fail, crash, and re-release.  If cars are going to have software, then they absolutely need to have auto-update. What consumers driving these cars don’t realize, is that software is backed by millions of lines of code. And as more and more critical devices are connected to the internet – securing that code has never been more important. There will be more and more of these vulnerabilities discovered in cars — we’ve only just scratched the tip of the iceberg here.  Automatic update ensures that as these holes are discovered we can deal with them quickly, without exposing large populations of people. 

Otherwise, we basically guarantee that a large percentage of the cars on the road are going to be driving around with known vulnerabilities.  And that doesn’t just put the driver and passengers at risk.  That exposes all the people driving around them.  I think there’s a strong case for government intervention to keep the roads safe.  But I’m curious if the auto insurance industry could be influential here — maybe offering discounts for vehicles that automatically update themselves with improved security and better safety features.”

Jeff Williams, Co-Founder, Chief Technology Officer

Jeff Williams, Co-Founder, Chief Technology Officer

Jeff brings more than 20 years of security leadership experience as co-founder and Chief Technology Officer of Contrast. Previously, Jeff was co-founder and CEO of Aspect Security, a successful and innovative application security consulting company acquired by Ernst & Young. Jeff is also a founder and major contributor to OWASP, where he served as the Chair of the OWASP Board for 8 years.