Citrix: “Unsinkable”: The Myth of Foolproof IT Security
Arguably, though, the word most commonly associated with the storied ship is “unsinkable.” The advertisement and marketing campaign prior to the ship’s launch was focused exclusively on this claim. Just look at the original marketing brochure for Titanic and its sister ship Olympic: “…as far as it is possible to do so, these two wonderful vessels are designed to be unsinkable.”
Selling this idea to the masses really worked — Titanic and Olympic were the toast of the town and tickets sold out in a flash. And this myth wasn’t just bought by consumers; no. Experts, too, started to believe this “unsinkable” idea and became overly confident.
God himself could not sink this ship — anonymous crew member
I cannot imagine any condition which would cause a ship to founder. Modern shipbuilding has gone beyond that. — Edward J. Smith, Captain of Titanic
When you believe that your preventive measures are impenetrable, when you stop thinking about contingency planning, you get complacent. Half of Titanic’s lifeboats were removed, as they were not aesthetically pleasing. Bulkheads were not watertight. Using a double hull was considered too expensive and unnecessary. Titanic was designed for a very specific scenario: a head-on collision; other scenarios were not considered. We can find many technical reasons, but in the end, it was overconfidence and the human factor that was responsible for this historic tragedy.
In recent news…
When I think about the current state of cybersecurity, I often imagine huge, slow-moving cruise ships (enterprises) navigating waters thick with pirates (hackers). Just like icebergs, most cybersecurity threats are not visible on the surface. The captains steering these technological behemoths often believe the “unsinkable” claims about their IT security only to have the rug pulled out from under them when those claims prove false. They, like Captain Smith, have to go down with their ships. We are getting used to the weekly news about the next cybersecurity “Titanic” — and many captains are trying to right their ships without bringing them to a screeching halt. But this is good news; the approach to cybersecurity is changing, with more and more companies focusing on “what-if” scenarios because they understand that security breaches aren’t just a possibility, they are likely.
Read the entire article here, “Unsinkable”: The Myth of Foolproof IT Security
Via the fine folks at Citrix Systems, Inc.