As we wrap up 2018, my news feeds and various email inboxes are littered with reports of security breaches and pitches for security vendor hardware, software and training solutions.

All cite the infamous undertone of someone who clicked on a bad link, ultimately ending in unwanted code execution that led to more code execution and finally data exfiltration.

I am taken aback by our current ecosystem of general-purpose operating systems and their bloated sense of "purpose".

When is the last time you purchased multi-layer security solutions for the best-of-breed gaming platforms in your home network environment? How often do you bludgeon your children's minds with security awareness training when they download skins, avatars, games and expansion packs from the respective console gaming platforms' online stores? Do you recognize the computational power, network connectivity and deeply connected devices in your most personal home networks, linked to video cameras, door locks and a vast array of sensors in your living space?

Most likely you don't, and rightfully so.  Because of trust.  Trust that the underlying operating systems are doing one fundamental task that needs to be invoked and placed on the highest pedestal and given the most attention in your business networks: 

Code execution should only occur from digitally signed publishers that undergo a formal submission process to be included in a formal release cycle. 

I believe this one simple solution applied to operating systems within business networks would have a profound impact on our overall security and anti-security ecosystem.   Probably so much so that security vendors would end up with no reason to exist in their current capacity. 

This is scary for many in the security industry, almost reminiscent of using oil to power gasoline engines to turn wheels on vehicles for personal transportation.  Oh wait, we still do that as well, maybe 2019 will be different.


