• Tinidril@midwest.social
    link
    fedilink
    English
    arrow-up
    17
    ·
    edit-2
    4 months ago

    I was in IT back in 2001 when the Code Red virus hit. It was a very similar situation where entire enterprises in totally unrelated fields were brought down. So many infected machines were still trying to replicate that corporate networks and Internet backbone routers were getting absolutely crushed.

    Prior to that, trying to get real funding for securing networks was almost impossible. Suddenly security was the hottest topic in IT and corporations were throwing money at all the snake oil Silicon Valley could produce.

    That lasted for a couple years, then things started going back to business as usual. Microsoft in particular was making all sorts of promises and boasts about how they made security their top priority, but that never really happened. Security remained something slapped on at the end of product development and was never allowed to interfere with producing products demanded by marketing with inherently insecure designs.

    • xyguy@startrek.website
      link
      fedilink
      English
      arrow-up
      10
      ·
      4 months ago

      You’re absolutely right. Everyone will be very worried and talk about the importance of security in the enterprise and yada yada yada until a cool new AI spreadsheet software comes out and everybody forgets to even check if their firewall is turned on.

      But with that being said, if you have been looking for a good time to ask for cybersecuity funding at your org, see if you can’t lock down 5 years worth of budget while everyone is aware of the risk to their businesses.