ManiEvery week that passes brings with it a major Cyber Security story in the news, and this weeks new about Microsoft crosses 100 vulnerabilities again, is very worrisome and adds to the stress that IT Departments and cyber security professionals are facing.
TrendMicro is reporting, how researchers used an App Store to demonstrate hacks on a factory and Microsoft crosses 100 vulnerabilities again.
While awareness is key, it seems to have no effect on the rate of recurrence of data breaches and there are two fundamental reasons why things like these happen. One, the vulnerabilities and security holes known and unknown in the core operating systems and its architecture and two, software development has not incorporated cyber security in their architectures.
According to TrendMicro, when malicious code spread through the networks of Rheinmetall Automotive, it disrupted plants on two continents, temporarily costing up to $4 million per week. While awareness of these type of threats has grown, there’s still a risk that too many organizations view such attacks as isolated incidents, rather than the work of a determined attacker. Federico Maggi, a senior researcher at Trend Micro, set out to dispel that mindset.
In my view, there are no more isolated incidents or young coders testing their skills out against a multinational organization. The sophistication of attacks and the strategy by which they are conducted reflects a very motivated and organized approach. Something that requires funding, equipment and continuous improvement. All characteristics of a national or commercial enterprise.
In fact, I am starting to believe that more focus is having the contrary effect. Data breeches and Cyber Security has become white noise, and has made us helpless and lacking of action.
If big businesses and even governments are vulnerable, how can individual or small business defend against these kinds of threat.
Imagine if we were this lax towards company’s inventory or even organizational assets.
In my view one of the reasons why IT Security is facing this challenge, is fundamentally due to lack of management’s serious commitment. We talk the talk but fail to walk it.
And adding to this crisis is that core operating systems that world’s computers are running on have inherent vulnerabilities that get exploited. Most certainly, the news like Microsoft crosses 100 vulnerabilities again do not help.
It is do able, it is not costly and it should be part of the enterprise architecture and DNA from day one.
I am a Cyber Security professional and a tech enthusiast. Feel free to reach out to me
To check the original story Click here
Mani Masood
