Tech companies need to up their game on internet security

Cantillon: websites from Google to Facebook to Yahoo affected by Heartbleed coding flaw

The Heartbleed bug discovered this week is further evidence that we “don’t have our house in order when it comes to internet security”, in the words of one security expert.

The Heartbleed bug discovered this week is further evidence that we “don’t have our house in order when it comes to internet security”, in the words of one security expert.

 

Over the years various industries from mining to medicine were made safe by a combination of regulation and co-operation. Progress was often slow, coming about through trial and error. And it seems the internet is no different.

The Heartbleed bug discovered this week is further evidence that we “don’t have our house in order when it comes to internet security”, in the words of one security expert.

Heartbleed introduced a flaw into the OpenSSL software which is used by banks, online shopping sites, social networking sites and search engines to keep personal and financial data safe. Basically, the software encrypts sensitive information. The coding flaw allowed those who knew of its existence to intercept usernames, credit card details, passwords and other information from the website.

Like other similar bugs found recently – including one in Apple’s mobile and desktop devices – the Heartbleed coding flaw had gone unnoticed for years.

It seems that in a rush to innovate on the web security has sometimes been an afterthought. While the subject of security is an area of concern for technology companies, it is often a later addition, rather than part of the building blocks.

By the end of 2020 it is forecast the “Internet of Things” will include 212 billion connected devices. Such a high level of connectedness creates unprecedented security challenges in terms of privacy, safety, trust and governance. It will be imperative for companies to maintain trust in the security of those connected devices. But how can they do this if they can’t even ensure the security of the web now?

Maybe it’s time the safety culture that is common in fields such as aviation and health became the norm . Companies will have to start designing security within IP-connected devices, rather than addressing it as an afterthought.

The Irish Times Logo
Commenting on The Irish Times has changed. To comment you must now be an Irish Times subscriber.
SUBSCRIBE
GO BACK
Error Image
The account details entered are not currently associated with an Irish Times subscription. Please subscribe to sign in to comment.
Comment Sign In

Forgot password?
The Irish Times Logo
Thank you
You should receive instructions for resetting your password. When you have reset your password, you can Sign In.
The Irish Times Logo
Please choose a screen name. This name will appear beside any comments you post. Your screen name should follow the standards set out in our community standards.
Screen Name Selection

Hello

Please choose a screen name. This name will appear beside any comments you post. Your screen name should follow the standards set out in our community standards.

The Irish Times Logo
Commenting on The Irish Times has changed. To comment you must now be an Irish Times subscriber.
SUBSCRIBE
Forgot Password
Please enter your email address so we can send you a link to reset your password.

Sign In

Your Comments
We reserve the right to remove any content at any time from this Community, including without limitation if it violates the Community Standards. We ask that you report content that you in good faith believe violates the above rules by clicking the Flag link next to the offending comment or by filling out this form. New comments are only accepted for 3 days from the date of publication.