We're almost into the third decade of the 21st century and we're still grading security bugs out of 10 like kids. Why?

Infosec veteran Marc Rogers on why we need a better system to rate vulnerabilities


Disclosure The way we rate the severity of computer security vulnerabilities and bugs needs to change if people and businesses want to be better protected from malware and cyber-crime.


So says Marc Rogers, executive director of cybersecurity at Okta and head of security at the world's biggest hacking conference DEF CON.


Speaking to The Register at Okta's Disclosure conference in San Francisco this week, Rogers reckoned today's methods of scoring and classifying security vulnerabilities reflect a dated system that didn't take into account the way that modern attackers operate.


"The challenge is the whole vulnerability management space has been evolving," Rogers said, "but it is being outpaced by the evolution of how we leverage attacks."


In particular, Rogers said, approaches such as the almost third decade century still grading security