Cre8asiteforums

Discussing Web Design & Marketing Since 1998

cre8pc

A Call For Cyber Hygiene

DigitalGov shared this...thought some of you might mull over it.

 

Rethinking Cybersecurity from the Inside Out

 

After four years of research and development, National Institute of Standards and Technology (NIST) has published a groundbreaking new security guideline that addresses the longstanding problem of how to engineer trustworthy, secure systems — systems that can provide continuity of capabilities, functions, services, and operations during a wide range of disruptions, threats, and other hazards. In fact, I think that Special Publication 800–160, Systems Security Engineering, is the most important publication that I have been associated with in my two decades of service with NIST.

 

Our fundamental cybersecurity problem can be summed up in three words — too much complexity. There are simply too many bases — all the software, firmware, and hardware components that we rely on to run our critical infrastructure, business, and industrial systems — for us to cover as it is, and we’re adding to the number of bases all the time.

Increased complexity translates to increased attack surface — providing adversaries a limitless opportunity to exploit vulnerabilities resulting from inherent weaknesses and deficiencies in the components of the underlying systems that we have built and deployed. We can characterize this predicament as the N+1 vulnerabilities problem.

There are simply too many bases — all the software, firmware, and hardware components that we rely on

 

I bet Bill Gates would agree with this, especially the software part. :)

Betya other big players would agree also as long as they would be the provider.

 

It's a bit late for this debate about security.


Too bad the government wasn't extending consumer liability regulation to all those 'what's a security' IoT devices so that a few good class action lawsuits would rein in the idiocy of bolt-on, after-the-horse-has-bolted security crap. The guideline is fine but 20 years late; or rather pretty much an annual regurgitation from some authority or another for the past 2 decades.

 

And while they are about it, how about firing the idjits at the US Patent office and reviewing the swamp that is US software patent 'law'. And kill the ridiculous constraints that have been EULAs since Bill was a boy. And...
