Ask HN: Should IT Adopt “Black Box Thinking” in Relation to Cyber Attacks?
There was an excellent analysis* of the recent BA credit card leak which prompted a great deal of internal debate into the level of exposure and risk, however this was conducted by a third-party analyst and not an official investigation.
https://www.riskiq.com/blog/labs/magecart-british-airways-breach/
However, this is rare and there have been several high-profile breaches which do not seem to have been so thoroughly investigated and the results published.
When an airliner crashes there is a forensic level investigation and the results are shared with the wider industry. At the end of the day it is in everyone's best interests, as not only do companies face financial losses compensating their customers, they also risk damage to brand reputation and ultimately fines from regulators.
What are people's opinions on the IT industry adopt a similar black box thinking approach to reporting the causes of security breaches.
1 comment
[ 4.6 ms ] story [ 8.4 ms ] threadRule 1. Trust NO INPUT Rule 2. Trust NO INPUT Rule 3. Trust NO INPUT
Outside of being compromised due to bad inputs, the other vectors are either logical flow emanating from complex system with different moving pieces, or stemming from bad practices such as using poorly vetted libraries, encryption schemes, running on insecure platforms, etc.
As someone who works in both spaces, I can assure you that the there's a strong strain between the demands of enterprise to release their vague requirements to market and the demand of security to keep everything together. If you try to do both it's easy to end up with some blindness. Hire a security team, the airline engineers don't do the forensic, a different team does and tells them lessons learned.