I recently read an article in the @TheEconomist (April 8 edition) entitled The Myth of Cyber Security, a somewhat depressing article on the poor state of cyber security globally. The author discussed numerous reasons behind the current problems:
- Software complexity and speed of development
- Users failure to protect themselves
- The technology industry’s inability to self regulate and accept liability for product flaws
The last point drawing comparisons to the car industry in the early 1960’s. It was not until the government forced their hand on safety did the industry’s attitude change. The author considered that perhaps additional government intervention could be beneficial to the technology sector. Examples included increased reporting requirements for companies that are hacked, forced default password changes and legislated timeframes for fixes to "at risk" products.