said by HELLFIRE:...
... Making software "secure-by-design," and thus putting the liability on the vendors to sell safe products out of the box instead of pushing that responsibility on to consumers and businesses, is a drumbeat that CISA has been pounding under Easterly's leadership.
And unfortunately it's a drumbeat that's more than drowned out by the deafening roar of a business-as-usual, test-it-in-the-field business model that continues to exist in software issuance, as it has for at least 35 years.