Last week’s poll: Priorities for improving internet security

What is the most important target for investment to guard against incidents like last week’s cyberattacks?

What last week’s poll lacked in votes (311) was more than made up for in Comments, where the debate raged over who is responsible for internet security.

The poll was prompted by the worldwide “WannaCry” cyberattack that saw numerous institutions, including the NHS, under attack from unknown actors demanding monies to be paid in Bitcoins.

As was noted, these attacks almost always come without warning and there appears to be widespread agreement that money needs to be spent to help prevent malware and hacking from damaging valuable and safety-critical systems and putting them out of action. There doesn’t, however, appear to be clear consensus on the most important target for such investment.

The message that greeted victims of the WannaCry cyber attack

A total of 49% of readers agreed that the solution lies in improving skills, followed by 43 per cent who think that software is first line of defence. The remaining eight per cent was split evenly between those that chose hardware and none of the above.

The poll prompted a number of responses, with 20 Cent stating: “I am surprised at the naivety of people who think that computers, and the internet in particular, are, or will ever be secure. No matter what systems are invented there will be people out there finding ways around them. The internet, cloud, and social media are excellent and convenient ways of accessing and distributing information, but don’t expect privacy or security.
“This is the price the world is paying for the convenience of computer driven societies and economies. I believe it is true to say that anything that relies on computer control can be hacked, from the cars one drives, credit card transactions, bank accounts, company files, national security. Computers in = Security out.”

Dave Mawdsley asked: “Am I alone in thinking that Microsoft (for producing such poor, easily attacked operating systems), service providers and content providers e.g. YouTube (for not policing their environment), are culpable? These organisations generate vast profits but take no responsibility for the results of their work. It is the height of hypocrisy for Microsoft to pass all the blame to users when it is a flaw in their own product that has left users so vulnerable.”

Drawing an analogy between home security and computer networks, Peter Sim Canning said: “Would you walk out of your house and leave the doors unlocked and the windows open? No. If you have a company that runs on software then the manager must ensure that the systems can run safely and efficiently, if not, then the manager is not doing his job properly. And by manager I mean anyone who is responsible for ensuring the software is up to date, from the IT manager who keeps the IT system running, to the Finance manager who decides where any cuts have to be made.”

The debate rages on and we’d still like to hear your opinions via Comments.