A government audit (PDF) has pinpointed more than 3,800 vulnerabilities -- 763 of which are high-risk -- in the Federal Aviation Administration's Web-based air traffic control system applications, including some that could potentially put air travel at risk.3,800? That is amazing. There must be something very wrong with their processes. The FAA has a lot of data and I get the impression they are struggling to interconnect their systems securely but 3,800? 763 high risk? I wonder how FAA/DOT's leadership will respond.
Security isn't an add-on product or something you worry about later. Security is inordinately expensive and marginally effective unless it's part of the entire process, aka "baked-in". I wonder what the cost will ultimately be.
No comments:
Post a Comment