Interesting to note the Cloudflare analysis showing how quickly attackers moved to exploit Meltdown and Spectre while organisations grappled with a complex remediation picture.
Good cyber hygiene is a critical indicator of organisational cyber security maturity, and this article is a good illustration of the challenge.
Complexity is the enemy of security for sure.
Haha, I remember a cab drive w/ @halvarflake ca. 2005, when he expressed exactly this belief 🙂 And how my work (back then) on integrity detection was really meaningless 😉 Years later I gave up on detection and focused on prevention… Not sure I've found the meaning though. pic.twitter.com/m5695MLWlN
— Joanna Rutkowska (@rootkovska) May 31, 2018
My view is it will take natural obsolescence and hardware refresh to really iron these kinds of issues out.
The potential for fixes for the fundamental flaws is probably limited.
Significant development if true
A useful summary worth reviewing
One of my volunteer interests is in supporting the BCS activities in Dorset.
I am currently overhauling the operation of the Branch to achieve maximum traction and progress and welcome new contacts, ideas and collaborations. I am also keen to organise online web conferences remotely on the same lines.
Are you an IT professional interested in giving a talk to our membership? Please get in touch if you’d be interested in giving an evening presentation in Bournemouth (email firstname.lastname@example.org FAO BCS Dorset Chair). The Branch can cover all reasonable costs for travel and subsistence from anywhere in the UK.
Our most successful work, historically, has been organising events such as evening lectures, talks and demonstrations. I’m particularly keen to get speakers to our events that are not only from Dorset, but across the UK and beyond.
Some time ago BCS launched the Certificate in Information Security Management Principles, or CISMP. It offers a sensible syllabus and is backed by an appropriate non-profit: BCS.