There are more computing devices in the world than ever before with thousands of them coming online every day. They are in our pockets, homes, hospitals, and schools. They bring us convenience, safety, commerce, education and so much more. The existence of these computers has become an integral part of our society and everyday life. We can’t imagine our life without them, and it is scary to think what would happen if we don’t have them one day? Personally, I don’t think we can survive. How will food get delivered to the stores? How can you call the police? how the electricity is going to reach you? With this great danger, we should seriously look on how to protect our companies and devices, but it seems like we aren’t doing the basic things.
In an article written by Roger Grimes for IT World, he mentions that companies aren’t following what the hard-cold data is showing them. He blames that on human tendency saying that humans often don’t make a decision that will benefit them even though the data shows them the good and the bad. In his article, he mentions a couple of reasons for why we are so vulnerable to threats that could be easily avoided. First, every day there is an average of 15 new security threats that IT security will have to deal with. This becomes really overwhelming for IT to handle. It becomes even harder when internal politics take their attention away to fight whatever the higher ups tell them to do. Rather than following up on threats to see if they are harmful to the company, they are distracted by the inputs of the higher and forced to provide crucial resources to fix a mundane problem. Second, Media hype has caused a general widespread numbness. Simple threats are leveled to great heights and cause many to be panic and be overly concerned. Over time, people have become less attentive to these threats that when a real threat does occur, it goes unnoticed. Third, too many projects and not enough of completion. Many companies react to threats by starting many projects. Although the throwing many projectiles randomly at the target can increase the odds of success, that doesn’t come close the odds of success for a few projectiles that been aimed. In a way that also applies to the projects that companies start. They start so many, but don’t have the resource or patience to see them completed. If they had simply focused on one or two, most companies would have been covered for most threats.
This article reminds me of the Spectre and Meltdown threats that have come up in past month or so. I didn’t think too much about it until I had to do some research for it. I realized that I had become a victim of the hyped news and didn’t take this credible threat seriously. It seems like many manufacturers aren’t doing their part either. I still haven’t received a patch for my Note 8, laptop or PC and I don’t think I will receive them any time soon. What makes it worse is that sometimes there are patches available, but there aren’t clear instructions on how to install them. I would imagine that most people would never update or patch their devices for many years! It is a bit scary because it allows the threat to be weaponized and used in cyber warfare.
Grimes, Roger A. “6 reasons you’re failing to focus on your biggest IT security threats.” ITworld, CSO, 16 Jan. 2018, www.itworld.com/article/3247796/security/6-reasons-youre-failing-to-focus-on-your-biggest-it-security-threats.html?upd=1517713257786.
Picture : https://www.itworld.com/article/3247796/security/6-reasons-youre-failing-to-focus-on-your-biggest-it-security-threats.html?upd=1517713257786