Hacker News new | past | comments | ask | show | jobs | submit login

I have always thought that "solving" cyber security was fairly simple.

The cost of running insecurely should exceed the cost of making it secure.

Usually this is done by the Board firing the CEO and the next CEO firing anyone who fails to improve

For a long time it has been better to do your job insecurely than to fail to do your job whilst being secure.

GDPR, equinox, target are starting to change that

In short, the CIA is very good at operating with high levels of cyber-security. Do as they do.




> The cost of running insecurely should exceed the cost of making it secure.

This was suggested by Bruce Schneier, as well, in one of his books, citing the example of rising difficulty of credit card fraud now that the credit card companies are held wholly liable for it.


>citing the example of rising difficulty of credit card fraud now that the credit card companies are held wholly liable for it.

The people that are held liable for credit card fraud are, ultimately, the merchants. If someone uses a stolen credit card, it's the merchant who is left without any money after shipping their goods.


To be clear, your talking of the CIA organization, and not "confidentiality, integrity, and availability"?


yeah. the CIA knows how to keep secrets (mostly)




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: