Security & Safety

Carth · Today, 11:32

Is it just me, or is anyone else seeing that the more Internet Security we get thrown in, the less 'safe' the systems and data are?

Airports, Hospitals, Retailers, Manufacturers and more, all 'hacked' despite the increase in awareness of the danger.

Add to that the amount of 'critical' failures in the balancing of electrical supply systems causing outages etc.

Could it be over reliance on AI or are hackers better than all the Security 'experts'

**Hugh** · Today, 12:26

imho, it’s mainly down to a couple of things

a) everyone wants a "one stop shop", so multiple different systems have to be integrated through APIs (Application Programme Interfaces) to allow data to flow/be converted to from systems, providing more complexity, and usually the more complex systems get, the harder it is to provide complete security (and it costs more for no tangible benefit, until you need it - see below); this also includes fail-over/resilient systems

b) businesses want everything to be more cost-effective/cheaper, and good IT Security is expensive, time-consuming, and often annoys users with the requirements/actions they have to follow to keep it secure, and like any insurance, people bitch about paying for something they don’t think they need (until they do)

c) related to b), companies want to save money by outsourcing, but often have a mindset that transfers responsibility for the system (and associated security) to the outsourcer, when if fact they still have the responsibility to ensure the system provides appropriate service and security

d) a reasonable amount of end-users fall for phishing emails - no matter how many times you tell them not to click on links, and that the IT Department would never ask for their password on an email, they still do, which gives the blackhats access to the systems

e)more and more of what we do every day is now online - the last 20 years, with the introduction of smartphones, tablets, and the associated Apps, allow much more opportunities for phishing/scamming

All of the above are from real-world scenarios I have been personally involved in…

Carth · Today, 14:33

Decent set of answers Hugh, thanks.

Not having any dealings with internet security in an IT type role (apart from at home obviously), I do though have work related experience (quality control) in an office where there were definitely a couple of people who were very Blasé when it came to passwords and 3rd party Emails etc.

From your answers, I guess globally there's not much can be done without increasing the 'costs' of better security, and the risk of incurring the wrath and annoyance of the general 'not my problem' public users . . . whether that's shopping, booking a holiday, online banking, buying concert tickets, or any number of things where internet activity is required.