The problem isn’t with testing (which is an issue), but standardization on specific solutions. When everyone needs to use the same thing, it’s a lot more valuable to attack it.
So what we need is more alternatives that work together.
I don’t know anything about the trucking industry, so I’ll use IT instead. A lot of companies standardize on Cisco equipment, so when there’s a breach, everyone is screwed. The problem isn’t that Cisco is insecure, it’s that Cisco is ubiquitous, so one breach screws over everyone. If networking equipment was more a la carte, it’s unlikely a breach would impact all of the equipment used (e.g. a Mikrotik Router, Mikrotik Switch, Ubiquiti Access Points, etc). But bundling solutions is the name of the game for these large operations, which increases the fallout from a breach.
That’s why Windows gets so many viruses, it’s not because Windows sucks (it does), it’s because it’s such a huge target and you’ll get so much more value from attacking it than attacking a potentially easier target.
The problem isn’t with testing (which is an issue), but standardization on specific solutions. When everyone needs to use the same thing, it’s a lot more valuable to attack it.
So what we need is more alternatives that work together.
I don’t know anything about the trucking industry, so I’ll use IT instead. A lot of companies standardize on Cisco equipment, so when there’s a breach, everyone is screwed. The problem isn’t that Cisco is insecure, it’s that Cisco is ubiquitous, so one breach screws over everyone. If networking equipment was more a la carte, it’s unlikely a breach would impact all of the equipment used (e.g. a Mikrotik Router, Mikrotik Switch, Ubiquiti Access Points, etc). But bundling solutions is the name of the game for these large operations, which increases the fallout from a breach.
That’s why Windows gets so many viruses, it’s not because Windows sucks (it does), it’s because it’s such a huge target and you’ll get so much more value from attacking it than attacking a potentially easier target.