Low Hanging Fruit in Cybersecurity

There’s a rapidly increasing interest in cybersecurity, partly because the penny is finally dropping about the financial impact on government and business, and not just individuals.

I don’t work directly in this area, but it is another adversarial domain, so some of the problems and approaches I think about have some applicability.

But cybersecurity does seem to be an area where some Pareto (80:20) thinking might not go amiss.

For example, botnets use machines that have been compromised but whose owners/users don’t realise this. In my experience there are two reasons for this:

  1. The owners don’t realise that things are not right with their machine and put anomalous network and disk traffic down to the general weirdness of computers;
  2. The machines do not really have an owner — they drive other bits of hardware, or they are shared among many people who each use them for a short time.

One thing that would really help would be for someone knowledgeable (not e.g. Lifehacker — although that would be a start — but someone from the cybersecurity community) would post a complete guide to hardening the major categories of PCs. Most people know that they should be running a spam filter and antivirus software,  but from comments at a recent conference it seems that many people are still seeing spam, which suggests to me that they haven’t even got this simple part right. But there are many other tools that, if run on almost all machines, would cripple the ability to take them over. For example, I’ve been very happy with Iobit’s Security 360 which routinely finds malware on my machine behind a university “security system”. But I don’t use a VPN when I travel and I probably should. And what else should I be doing that I don’t even know is possible?

Volunteers anyone? (Of course, such a thing may exist, but I haven’t been able to find it.)

Advertisements

0 Responses to “Low Hanging Fruit in Cybersecurity”



  1. Leave a Comment

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s





%d bloggers like this: