By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Cybersecurity is in a terrible state, possibly the worst it's ever been. Literally not a day goes by without another report of a security breach or a data spill or a hack spilling corporate secrets. There is plenty of blame to go around, of course. Let's start with the obvious ones, the crooks and scammers – from petty criminals to organized crime – who are able to extort us with ransomware or steal corporate data or our credit-card details with phishing attacks. Few police forces have the time, money and skill to catch these groups or bring them to justice. Then there are state-backed hackers who switch between espionage and cyber warfare – and the governments that either turn a blind eye to their activities or positively encourage them. Who else to blame? Perhaps the tech companies that are desperate to rush a new product to market to beat their rivals, and think that cutting corners on testing security is a good way to do it. And it's not just startups, either; witness the constant stream of security patches that flow from all the big tech companies every month, fixing problems with software that simply wasn't secure enough when it was sold. What about the enterprise? There are software patches for all of the most regularly abused software flaws, just as there was a patch for the flaw that allowed WannaCry to spread. And yet those flaws go unpatched because firms don't want to spend the time and money fixing those flaws and patching those systems. Follow up on OUR FORUM.

 

Translate