Countering cyber attacks

It’s good to read that the UK Government is finally waking up to the fact that cyber attacks are a serious threat to the nation. In fact it’s always been so. Why? Because we don’t build secure platforms and application systems. And we expect users not to create breaches.

The answers are simple, but unlikely to be implemented. First, we must mandate that all important systems are designed from the outset to be resistant to attacks. And, second, we must take account of human error and build appropriate compensating controls into systems.

The safety field discovered these truths many decades ago, and acted on them. Unfortunately, the security community prefers to keep its head in the sand.

1 comment

Good Day, I have to disagree with this ending comment: "Unfortunately, the security community prefers to keep its head in the sand". Not true at all! You must look further up the food chain to lay blame. We (IT Security Professionals) are handcuffed by our politicians, it's they that do not grasp the Cyber Security issue. You have farmers, doctors, judges, business owners, and academia being elected to our government. These people have no grasp on IT Security. Yet it is these people that we have to trust our Nation's IT Security plans and policy to. That's like expecting your doctor to have the ability to fix your 2011 vehicle. Having systems resistant to attacks out of the box. That will never happen, given physical access or a connection via the internet and the system is hacked 10 out of 10 times. Regards,