Dan Geer on CrowdStrike: It Is Time to Act
The article highlights cybersecurity challenges amid global outages, emphasizing the need for integrated security policies, redundancy in systems, and proactive measures to prevent silent failures and vulnerabilities in technology.
The article discusses the ongoing challenges in cybersecurity, particularly in light of recent global computer outages. It emphasizes that the risks associated with technology are well understood, including the distinction between attacks and accidents, and the importance of redundancy in large systems. Redundant components can either mitigate risks or exacerbate them, depending on their design and implementation. The author highlights that dependence on technology creates correlated risks, which can lead to significant failures if not properly managed.
The piece argues that security and competition policies must be integrated to prevent catastrophic failures, especially as technology becomes monopolized. It stresses the need for proactive measures to ensure that systems are designed to avoid "silent failures," which are failures that occur without detection. The author calls for a shift in focus towards creating robust, testable mitigations for potential failures, rather than simply aiming for a state of no failure.
In conclusion, the article posits that the lessons learned from past incidents should prompt immediate action to address vulnerabilities in technology systems, advocating for a comprehensive approach to cybersecurity that combines policy reform with technological innovation.
Related
The IT Industry is a disaster (2018)
The IT industry faces challenges in IoT and software reliability. Concerns include device trustworthiness, complex systems, and security flaws. Criticisms target coding practices, standards organizations, and propose accountability and skill recognition.
Six Dumbest Ideas in Computer Security
In computer security, common misconceptions like "Default Permit," "Enumerating Badness," and "Penetrate and Patch" hinder effective protection. Emphasizing a "Default Deny" policy and proactive security design is crucial.
CrowdStrike debacle provides road map of American vulnerabilities to adversaries
A national digital meltdown caused by a software bug, not a cyberattack, exposed network fragility. CrowdStrike's flawed update highlighted cybersecurity complexity. Ongoing efforts emphasize the persistent need for digital defense.
CrowdStrike fail and next global IT meltdown
A global IT outage caused by a CrowdStrike software bug prompts concerns over centralized security. Recovery may take days, highlighting the importance of incremental updates and cybersecurity investments to prevent future incidents.
The CrowdStrike Failure Was a Warning
A systems failure at CrowdStrike led to a global IT crisis affecting various sectors, emphasizing the risks of centralized, fragile structures. The incident calls for diverse infrastructure and enhanced resilience measures.
If the nigh monoculture of CrowdStrike didn't exist, and malicious behavior protection wasn't as consistent as a result, would the aggregate harm of multiple smaller bad events occurring over years be above or below the one-shot harm of CrowdStrike's screwup?
Maybe the answer is obvious if you have more context than I do, but to me it doesn't seem so obvious it can be taken for granted one way or the other.
Same for "network security" proxies that actually break security.
I don't necessarily disagree with all of Dan Geer's assertions, but I am unconvinced that regulation can overcome organizational stupidity.
This is... non-obvious to me. Anyone know what he means by this?
Cost cutting trumps ALL other concerns. It's the ruling class' irrevocable policy.
C'est la vie.
If you don't like it, start your own business that does better. ¯\_(ツ)_/¯
I was expecting all kinds of experts to discuss how "this was expected" and "you should have done it another way" after the CS incident, while failing to understand why their monitor does not work when switched off.
I guess that a week in an active organization's secops team would show them how much more we are in control of what is happening on end-user devices today than we were 10 years ago. I wish them all the best in managing the security of a few dozen thousand machines with their knowledge about what cybersecurity could be like in an alternative world.