Automation has changed our lives. Computers and all kinds of software enabled devices make our daily lives easier. Every year computer devices get more powerful, less expensive but also get more vulnerable to cyber security risks. Too often cyber security breaches have a severe impact on our safety and privacy. But most cyber security accidents are hidden from the public eye.
Cyber security is a vital concern for individuals, organizations, and societies at large. To address this pressing issue and ensure a safer digital environment, we present this manifesto, which aims to simplify cyber security to accelerate its effectiveness.
Why is good cyber security still so hard to accomplish?
Good cyber security is still a cost factor for companies. Software and hardware companies have too little solid legal requirements to deliver products that meet basic security needs. Also software and hardware used for automation are complex products that are hard to understand and require a lot of specific knowledge of various fields.
We struggle for more than 30 years
We have made things worse by our thoughtless behaviour. We refuse to create simple systems for simple problems that can be easily adjusted and are resilient for common cyber security threads. We speak a strange language and talk about risks, processes and complex technical measurements. Transparency is lacking and we advocate for complex security products which we don’t understand and are impossible to maintain. We embrace every new IT hype as the holy grail for solving our cyber security problems. In the end you always pay more for cyber security solutions, but the risks still remain. We call it residual risks and are not able to deal with common security threats for too long now.
We, security experts, are trained and brainwashed by commercial vendors to advocate for complex, expensive cyber security solutions that are costly to implement and lack transparency. Most cyber security solutions are not future-proof and not maintainable in the long term. Most cyber security improvements programs end with more paperwork and more new fancy software tools, without increased security resilience.
But there is another way
We need to break out of this cycle. We need deeper and better knowledge in how computers and software work to design effective cyber security defence methods. We need to stop doing what we have done for too many years. We need simpler solutions, we need to use solutions that are transparent and we can trust. We need to stop reinventing the wheel. We should make use of proven open solutions. We should improve existing solutions instead of creating new solutions that will fail again in future.
Join our journey
We promote and advocate for the reuse of proven cyber security solutions. We simplify the use and reuse of common security practices. We advocate for security by design as an approach to involve all stakeholders. We believe that continuous education and awareness are fundamental to simplifying cybersecurity.
We think openness is key. This means that we only promote open solutions (products, methods and documentation) that can be used and improved so that we all benefit.
You don’t have to be a genius to make cyber security simpler and better. All it takes is continuous learning and the willingness to go against common conventions.
We know that cyber security protection can be much better and simpler. Established large companies within the cyber security field will not change overnight, So we keep showing and promoting simple cyber security solutions. Join and help us. Learn to build simpler cyber security solutions that are future proof and work better.
Help us by sharing this manifesto to create awareness that we need to do better as cyber security professionals.