Are Hackers Speeding on the Information Highway?
(or “Has our Security Crashed?”) I just came back from a discussion with our national CERT and took some thoughts back home: (TL;DR section at the end) I have the impression, that some of our security mechanisms, which seemed so sturdy and and healthy until recently, are turning soft and weak in our hands. The developments in the last few years were definitely on the fast lane, breaking all speed limits and no data-highway patrol was there to stop them from speeding. The traditional approach to define security mechanisms (let’s call them technical controls) doesn’t really seem right to me any more: Raise the bar to a level, where the remaining risk is acceptable for the next “X” years, assuming that technology advances at a certain rate. (Use a reasonable number of years for