More thoughts on cybersecurity
Many years ago, when the PC was in its infancy, I worked with the All Source Intelligence Center (ASIC) that gathered global intelligence information. I had a GRID laptop computer that I was using and had all kinds of intelligence data and global targeting information. When you would enter and leave the facility, the MPs would check every piece of paper you had for confidentiality, but they would just look at the GRID and wave me on through even though I potentially might have had the equivalent to reams of confidential data. Over 25 years later, security is still vastly misunderstood by people in key places. Executives seem to understand its importance in a vague way, but don't really know what to do about it and leave it up to the techies to solve without really knowing how good their security really is.
In an article in ZDNET entitled Tech's Dirty Little Secret: cybersecurity, Ray Ozzie states:
But "weak encryption" is no longer a reasonable excuse for insecure systems. It's clear by now that real security comes not just from strong crypto, but from recognizing and embracing human strengths, frailties and common behaviors in building, managing and using complex systems. People are always the weakest link.
So it is. Overall we will continue to struggle with this issue for some time even though technology is certainly available to solve it.
8:54:28 AM 
|
