March 15, 2021•270 words
Over the last 25 or so years the expectation of security in products has grown. Along with the expectation of security so has it's importance as a market differentiator. For example, in the early 2000's Microsoft was almost undone by a series of security issues in it's products that allowed things like the Iloveyou virus and code red worm to spread. They refocused themselves and made security a priority. This may have saved their business. Fast forward to 2020 and in the wake of Solar Winds and most recent exchange vuln it appears they may have lost their way. Now that privacy, hacking, breaches, and identity theft are int he public consciousness even my 65 year old mother asks me if a product is "safe".
Worries about privacy and security are now really taking hold and defining product roadmaps. Another example here is Zoom. Zoom was a savior during the the pandemic, but revelations about it's claimed e2e encryption being non-existent cause a massive public outcry. Zoom then hired some of the best security people in the industry to help fix these issues. I am skeptical that they will stay the course but refocusing on security and privacy may have saved their business.
I feel like this story is going to play out over and over until more companies start realizing that if they put in the effort up front, they will be less likely to have major security issues. It is becoming too costly to do damage control after the fact.