Five Eyes nations tell tech startups to take infosec seriously. Again Cyber security agencies from the Five Eyes nations have delivered on a promise to offer tech startups more guidance on how to stay secure. The Five Eyes nations – Australia, Canada, New Zealand, the UK and US – are best known for their unusually close intelligence-sharing arrangements and joint commitments to defend each other …
Playing second fiddle in the business it will often be overlooked.
In my experience to date, Security is seen as a cost centre and is reluctantly funded in some organisations, in others, it's front and centre and is well funded and invested in as business leaders see the indirect benefits.
To be fair, the guidance is a solid place to start, but the messaging is often not getting through.
If you're going hell for leather in the tech space, security is not the first thing that is being considered.
From what I have seen of most startups' dismal "products" I wouldn't be too averse to my adversaries drinking their fill from those poisoned chalices. Clownstrike not so long ago a startup and at the "quality" end of spectrum and in the infosec space - what hope for the rest of the circus?
At best I suspect it would be lipstick on a pig. Even if a startup finagles ISO 27000 accreditation I would not read to much into that as it often doesn't translate to any practical l long term security improvement.
To be honest most startups can barely be distinguished from old school cons - the "founders" from the outset being focused on the "exit" phase (where they a take their loot and toddle off to their next con startup.) I cannot imagine security being front and centre in their thinking or even on the horizon.
So it's all well and good to say "we need to write secure stuff"
Yep, I certainly agree.
However, as everyone above has commented, security costs expertise, time, and money, and nobody gives a shit anyway.
So until people start getting fined or going to jail when they get hacked, or their products let other people get hacked, nothing is going to happen.
And I mean meaningful fines., not $5,000 here or $10,000 there.
Thank $DEITY I had put my coffee down out of reach or a new keyboard and screen wipe would be needed. For OZ, a placemat is a brilliant put down for this whole sorry cancerous growth of bureaucrats. With Oz getting a CDC, the next flu outbreak will probably have armed guards at all highway on ramps screaming "Papers, papers schnell"
As for security in software, not a hope until companies acts are rewritten so CEOS, boards and directors feel financial pain for stupidity or illegailty, before the shareholders.
Successfully securing your sensitive IP against second and third party phishing/theft leaves government funding streams/grants/investments practically impossible to justify one being given access to, even whenever the secure assets are exactly what is needed for good government.
And that particular peculiar difficulty arises because of the certain desire in officialdom to covet and personally selfishly profit inordinately from such as is privileged private intellectual property.
Thus does the secure entrepreneurial private sector lead the clueless public sector down the perfumed garden path of an individual's choosing irrespective of any second or third party wishes.
Do you recognise or deny that as the means by which your current prevailing virtual realities are sourced to be presented to you by media and publishing as the future to accept to live in?
Take care if you dare to win win against unknown unknown forces and sources au fait and comfortably at ease with almighty exercise in all of the above, for knowing how that is realised is far too dangerous to know and survive without also knowing how to ensure it is never practised by those unworthy.
Capiche?.. Verstehen Sie? ... Begrijp je? ... Вы понимаете? ... 你明白吗? ...هل تفهم؟
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
