Computer technology as we know it has existed for the merest blip of time in human history. In less than 90 years we have gone from valves and punchboards to pushing the boundaries of quantum states in an attempt to achieve computations that would otherwise take millions of years. We landed people on the moon with computers that were no more powerful than graphing calculators available at schools in the 1990s. To me, that is astounding. You could argue that the field of cybersecurity, although known by a different name, was born at the same time as Colossus, with the first code breakers using it to attack Axis powers’ encryption.
Regardless, it wasn’t until computers became more accessible and people were given the opportunity to experiment more freely that the first virus, the Creeper Virus, was created in the early 1970s; the first anti-virus, Reaper, followed shortly after that. Since then, we have seen an escalating rise in offensive and defensive computer capabilities. When the 1990s rolled around, computer interconnectivity exploded into homes and businesses around the world and the internet as we know it today took shape (the internet, in fairness, has existed since the 1950s, but it didn’t become wholesale accessible until the 1990s).
Why mention this? Context. Computers, networks, and widespread computer literacy only started to become a thing just over 30 years ago. People who grew up in that generation grew up with access to these tools and capabilities, and yet those capabilities became widespread almost overnight, with businesses thrown into the deep end of needing to adapt and adopt to keep up and remain competitive. They did that without expertise in the board rooms, without considering how they would implement those capabilities securely, and had to learn the hard way what the impact of this technology would be.
Today we are dealing with the adoption of those systems and the speed with which they came into play. The generation that grew up programming VCRs, coding on BBC Micros, and grabbing gaming magazines for cheat codes is now entering board rooms and making decisions for the next generation. We have to keep in mind that when a red team comes in, takes a look at a network, and identifies issues like poor credential hygiene, poor network segmentation, ineffective access controls, and improper administration tiering, we are looking at a network that may have been designed, torn up, merged, reimplemented, and reconfigured multiple times over decades, with no one starting fresh and building to principles we now recognise as necessary for security rather than competitiveness. That does not excuse these issues, but we do need to be cognisant of how we got here. We are still in the infancy stages of changing mindsets as we adapt to the implications of this technology, and bolting on random security products will not solve the problems if we don’t address the foundations we started with.
If you’d like to explore how red teaming can help you uncover and address these foundational risks, feel free to get in touch.
Prism Infosec: Cyber Security Testing and Consulting Services