Step By Step
As IT professionals, we realize patch management is a good first step. We need to use chroot and other sandboxing technologies to put applications into areas where they can do little harm if attacked. We must limit access to applications. We must protect ourselves from problems we ourselves cause--a misconfiguration or misinstalled program can contribute to an attack as readily as a bug can.
In the end, we are at the mercy of our software developers. It's our responsibility to tell them what we need and expect--that secure software is a requirement, not a nicety. It's our butts on the line, and we must kick and scream until the developers change their ways, or we must find someone else who will meet our needs.
Mike Lee is NETWORK COMPUTING's editor. Write to him at [email protected]
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
