OK, sure, let's blame the hackers. Let's punish them. They deserve it. They've got to be taught that screwing around with other people's networks, business, and productivity is unacceptable. Illegal. Unethical. Jeffrey Parson may learn that lesson. Adrian Lamo may also learn that lesson. But what lesson has the industry learned? That dealing with intelligent, sneaky, law-breaking teens is a problem? That companies and users need to get more vigilant about installing security systems and virus protection? That even nastier bugs could be coming? That more reputation-damaging, business-stopping break-ins could be coming? Yes, all around. We all have an important role to play in understanding the severity of security breaches and the need to do something about them.
But instead of picking on the misguided teens or the companies with less-than-adequately protected networks, let's turn to the software community. It's time something changed. Remember Microsoft's Trustworthy Computing strategy and Oracle's "unbreakable" promise? Well, neither seems to be true. Any other software vendors out there willing to make bold claims? Technology users are tired of vulnerability alerts and patches. They've prompted some to explore networks with fewer PCs, to seriously consider open-source software, and even to bill Microsoft for the expenses associated with patching their software.
How much patchworking must companies endure before they can feel comfortable that the software they buy to run their businesses won't fail them? I've got a great idea for the billions Microsoft is investing in R&D--innovation in software security. Maybe the next "killer application" will be something that doesn't have bells and whistles, but rather a promise of trust that can't be broken.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.
InformationWeek Tech Digest, Nov. 10, 2014Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?