ACT OF FAITH
In a world where life & liberty, business & commercial interests, privacy & confidentiality, social interactions & social life and lots more are decided by the software we use, it takes an ultimate act of faith to buy and/or use that software without knowing even the basics of it, and nothing at all of its security history.
The vulnerabilities exploited to date in any software should be mandated to be made public. The process and security certifications, and the certification agencies, must necessarily be built into every business transaction, and so should liabilities related to the IT security of the products.
Opaqueness in today's systems is the real killer. Hushing up facts and incidents is making us more vulnerable. Banking for sure can make a positive change. Knowledge of the banks' IT security systems is the right of the customer, as is knowledge of the breaches: their nature, responsibility and mitigation. The liability of the bank in case of a hack, both civil and criminal, has to be decided upon.
IT security ratings of organisations can be proactive, beginning once the mechanisms are in place.
INFORMED PURCHASE, MANDATED DISCLOSURE OF PRODUCT INFORMATION, REPORTING, FIXING LIABILITY & SECURITY RANKING OF ORGANISATIONS CAN HELP CHANGE THE GRIM SCENARIO.