Having read Paul Parkinson's blog about the UK National CyberSecurity Strategy, it was interesting to read this article on the US government moves towards cloud computing. I have always been surprised by the seemingly complacent attitude towards security, especially with our approach of downloading daily patches and security fixes to the variety of software installed on our PCs. In the article Rob Housman agrees with this and stated "that now is the time when the government should be putting an emphasis on security and safety rather than saving money and going for the tried and true “hack and patch” approach when problems arise."
Why is security suddenly becoming such a big issue? It is because more and more of our systems are becoming connected. In the drive to provide M2M capability and connect everything to the net we sometimes forget the security implications of doing this. This is mainly because these legacy systems have been designed and built for a single purpose, not as part of a connected world. As we move systems from legacy air-gap security environments, into the "cloud" we need to update them and provide security as an additional requirement.
I know in the defence world, our customers are taking security very seriously, and that systems are being designed with more and more of a security requirement – I just hope that the current defence budget cuts around the world do not lead to reductions in these security requirements; I would hate to think that hackers could take control of some of our more advanced weapons systems and turn them on us….