Cybersecurity's Lament: There Are No Cooks in Space ...

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

50%

hhendrickson274,
User Rank: Strategist
7/25/2020 | 10:16:25 AM

Very flawed analogy

I understand the point of your article, but you start off with an extremely flawed analogy. The cybersecurity professionals aren't like the cook on the station. The cybersecurity staff are more akin to the key staff in mission control, helping to ensure that the astronauts stay alive and healthy. And last time I check, there isn't any single space mission that doesn't have ground support staff (spoken as someone who has actually worked at NASA in the past). All that said, having everyone be responsible for cybersecurity is critical for it to be a successful program. If those on the front lines aren't doing their part, there is little the professionals can do to keep them secure. One has only to look at all the careless things that those on the front lines due every day that cause the security lapses we see, from not security cloud services, to checking credentials into public code repositories. When left to their own without proper checks and balances, they will always error on the side of expediency. And that is just what those looking to steal our data are counting on.

So no, cybersecurity's lament isn't that there are no cooks in space. It's that those in space think that they are infallible and are above thone who help keep them alive while they are in space. (my apologies to all astronauts, it wasn't my analogy and I'm certain that you all are very appreciative of the work done by those that enable you to go into space and come home safely).

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

NSA Appoints Rob Joyce as Cyber Director

Dark Reading Staff 1/15/2021

Vulnerability Management Has a Data Problem

Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber, 1/14/2021

Who Is Responsible for Protecting Physical Security Systems From Cyberattacks?

IFSEC Global, Staff, 1/14/2021

Webinars

What We Can Learn from Sports Analytics

The Failures of Static DLP and How to Protect Against Tomorrow's Email Breaches

How Elite Analyst Teams are Transforming Security with Cyber Reconnaissance

Webinar Archives

White Papers

How to Prioritize Risk Across the Cyberattack Surface

From MFA to Zero Trust

Cyber Threats & Trends: Jan-June 2020

Ahead of the Curve: Accelerate Cyber Response with DNS Insights

Cloud Connectivity -- Your Guide to the Network

More White Papers

Cartoon

Post a Comment

Cartoon Archive

Current Issue

2020: The Year in Security

Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Assessing Cybersecurity Risk in Today's Enterprises

COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.

Download Now!

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

Building an Effective Cybersecurity Incident Response Team

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-11997
PUBLISHED: 2021-01-19

Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able to see which other users have accessed that connection, as well as the IP addresses from which that co...

CVE-2020-27266
PUBLISHED: 2021-01-19

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass user authentication checks via Bluetooth Low Energy.

CVE-2020-27268
PUBLISHED: 2021-01-19

CVE-2020-27269
PUBLISHED: 2021-01-19

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications lacks replay protection measures, which allows unauthenticated, physically proximate attackers to replay communication sequences vi...

CVE-2020-28707
PUBLISHED: 2021-01-19

The Stockdio Historical Chart plugin before 2.8.1 for WordPress is affected by Cross Site Scripting (XSS) via stockdio_chart_historical-wp.js in wp-content/plugins/stockdio-historical-chart/assets/ because the origin of a postMessage() event is not validated. The stockdio_eventer function listens fo...

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]