Many cyber security failures are still not detected, and even when they are, most are not reported to authorities or made known to the public. When they are reported, it is always the fault of the retailer, the bank, or the financial organisation that the ultimate customer, you and I, are with. It is never the actual IT supplier whose product is simply not fit for purpose, stated Simon.
The plain fact is the IT industry has hidden behind the claim that their products or processes are best practice. Well, if that is the case, why are we still experiencing huge data breaches?
Security incidents are commonly kept secret when discovered, leaving customers and policy-makers in government in the dark about frequency, impact and cause. It's almost as if the IT industry has a Teflon coat. Not us Gov, blame someone else, he continued.
Let's not forget there have been some huge breaches in recent months. For example, in June, 6.5 million hashed passwords for LinkedIn were published on hacker forums. In December 2011 the Internet and phone connections of millions of people in Norway, Sweden and Finland were knocked out for two weeks by the Dagmar storm. And in October 2011 BlackBerry users could not send or receive emails after a failure at a datacentre in the United Kingdom.
So if this is what is defined as best practice, I am really worried. It is time for the industry as a whole to stop being so complacent and stop hiding behind their customers, the ones who really face the wrath of consumers and regulators alike when a service is breached.