Page 29 - Cyber Warnings
P. 29
Best Practices are About to Change
By Chris Murphy, Founder, Innovator and Visionary, Cyber Safety Harbor
There is a lot of talk and media hype going on about cyber security, with a few suggested ways
to reduce cyber breaches and to improve everyone's cyber security. All of the popular
suggestions are nothing more than updated comments on old and unreliable solutions to a
pervasive problem that will only get worse if we do not address the real problem.
We think it is time to have an open and honest conversation about what is not working and talk
about what can work, for all of us.
The public, business leaders and government officials are being inundated with new twists on
yesterday’s failed cyber solutions. Cyber monitoring and insurance are being pedaled to
concerned citizens as protection. After an individual has been violated, these companies inform
them of the damage.
Congress and the President abdicated their responsibility to the American people in the Federal
Cybersecurity Information Sharing Act of 2015 (CISA). The law encourages companies to share
data with the government in return for immunity from damages caused by the company’s failure
to properly secure data.
When did sharing secrets make the secrets more secure?
Fingerprint, face recognition, optical scan and other forms of bio-data as a security factor have
already been proven useless. Yet to deceive a public afraid of breaches, bio-data is put forth as
a solution.
The German Defense Minister had her fingerprint compromised from a photograph. A breach of
a database using a fingerprint security protocol, compromises every stored fingerprint
permanently.
Credit cards from a cellphone! Really! The credit card industry is finally moving to Chip & PIN to
prevent the duplication of credit cards and then provides a way to duplicate credit cards on a
cellphone’s “wallet”. This rabbit hole is just too ridiculous to go down and yet the industry is
deploying it!
Security is not convenient, but it can be user-friendly. The purpose of security is to prevent
unauthorized access. Consumer acceptance is not an excuse for failing to provide proper cyber
security! The consumer will, in the end, do whatever is required to secure their identity.
Understanding the root cause of breaches is a must. That cause is the size of the attack
surface and an uncontrolled access model.
When any browser user can access a secure portal, the attack surface is every browser in the
world. When we reduce the attack surface, we exponentially improve security.
29 Cyber Warnings E-Magazine – April 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
