How to stop crashing more than twice: A Clean-Slate Governance Approach to IT Security

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

Abstract

"Moving fast, and breaking things", instead of "being safe and secure", is the credo of the IT industry. However, if we look at the wide societal impact of IT security incidents in the past years, it seems like it is no longer sustainable. Just like in the case of Equifax, people simply forget updates, just like in the case of Maersk, companies do not use sufficient network segmentation. Security certification does not seem to help with this issue. After all, Equifax was IS027001 compliant. In this paper, we take a look at how we handle and (do not) learn from security incidents in IT security. We do this by comparing IT security incidents to early and later aviation safety. We find interesting parallels to early aviation safety, and outline the governance levers that could make the world of IT more secure, which were already successful in making flying the most secure way of transportation.

Original languageEnglish
Title of host publicationProceedings - 5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages67-74
Number of pages8
ISBN (Electronic)9781728185972
DOIs
Publication statusPublished - 2020
Event5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020 - Virtual, Genoa, Italy
Duration: 7 Sep 202011 Sep 2020

Publication series

NameProceedings - 5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020

Conference

Conference5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020
CountryItaly
CityVirtual, Genoa
Period7/09/2011/09/20

Keywords

  • GDPR
  • Governance
  • IT Security
  • Policy

Fingerprint

Dive into the research topics of 'How to stop crashing more than twice: A Clean-Slate Governance Approach to IT Security'. Together they form a unique fingerprint.

Cite this