back to article IT security teams, business execs still not on same page

Let's start with the good news: according to a survey of security and business leaders, executives have become far more aware of the importance of cyber security in the past two years, better aligning security teams and leadership.  Now for the bad news: understanding and prioritizing cyber security hasn't led to smoother …

  1. Paul Crawford Silver badge

    That's not particularly fast for your average stroll around the internet, but according to the paper 1,000bps would enable real-time keylogging, could transmit an entire 4096-bit RSA key in a little more than four seconds, and could steal private cryptocurrency keys in a quarter of a second.

    If you already can run malware on the target machine to manipulate power draw and you can get close enough, then I would imagine you could get the key out by other means for more easily. If the machine really is air-gapped so no internet, then its private RSA key is not terribly useful to outsiders?!

    So quite an interesting achievement, but I'm not sure how much sleep anyone needs to lose over it.

    1. stiine Silver badge

      Unless its connected to a PLC in a nuclear processing facility.

      Wow, your memory is very short.

      1. Paul Crawford Silver badge

        Seems your memory is not clear - they did not exfiltrate data there, they monkeyed with the centrifuges to damage them. No communication needed as they knew what range of parameters to expect on the target, and what to fiddle with once found matching.

  2. Potemkine! Silver badge

    Too few, too late.

    "Business leaders" don't really care about cybersecurity.

    Seen recently in a big company: an online security training was organised, and was mandatory for every one. After 1 month, stats were made by department to know about attendance. Far behind all of them was the C-suite, with less than half of them attending the training.

    For them, security only matters when it's too late and an incident occurred. Before that, it's way too expensive, and shareholders won't be happy if the net result is even slightly impacted. That kind of short term vision explains a lot what we see in the news every day.

    == Bring us Dabbsy back ==

    1. Anonymous Coward
      Anonymous Coward

      Re: Too few, too late.

      Maybe they need to learn.

      I could email them a link to my quiz: "99% of executives can't answer these 10 questions"

  3. Anonymous Coward
    Anonymous Coward

    Never mind business leaders. See how bad the disparity is in the Operational Tech sector with organisations that decide on funding of Critical National Infrastructure upgrades & replacements.

    The disparities between the objectives OFWAT/OFGEM/OFCOM, BEIS and utilities cannot be squared off and there is no authority to take control of the mess.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like