Security theater and security politics

I had some input from colleagues on my Stuxnet posts – suggesting that I was downgrading the need to be vigilant against cyber-threats.  Of course we must be vigilant, but let’s not forget a couple things:

1) We have to get the basics right –

Note the Siemens guideline for implementing WinCC:  “system administrator password can be assigned by the user and supports adherence to company password conventions”

Which Siemens themselves do not follow in their field implementations.  If they had – then Stuxnet would not have been able to exploit the default password vulnerability in WinCC

2)  Security theater is one thing.   Security lobbies hyping cyber-war and cyber-terror in order to garner Federal funding, paid for by your tax dollars is another.  Unfortunately – the Obama administration agenda on fighting terror is more oriented towards security theater and politics than addressing the root causes starting with shutting down funding of Hamas and Al-Qaida by the Saudis and the Iranians, which seems to me, to be infinitely more effective than bullying the Israelis to stop building schools and homes.

Related Posts Plugin for WordPress, Blogger...
Tell your friends and colleagues about us. Thanks!
Share this

One thought on “Security theater and security politics

Leave a Reply

Your email address will not be published. Required fields are marked *