You are here

Complexity is Cheaper than Simplicity: The Reason Cyber Security is Hard

Kristofor Bolton
RUSI Defence Systems, 23 April 2019
Cyber, Future UK Cyber Security Strategy Project
In most industries simplicity is cheaper than complexity; streamlining processes and shedding excess reduces the cost of doing business. Within the technology sector, there is a trend to accomplish the same goal by doing the opposite. This increased complexity has a negative effect on security

The UK’s digital economy contributes one-eighth to the country’s GDP, a higher proportion than any other G20 nation. According to the government’s Cyber Security Breaches Survey 2018, the digital economy is under attack; 43% of UK businesses reported at least one cyber breach in the previous year. 72% of large companies reported a cyber attack in the previous year, with 9% reporting multiple attacks per day. Protecting the UK’s digital economy and electronic infrastructure is a national security priority. The government faces significant challenges in fighting the adapting threat and fixing weaknesses in its own National Cyber Security Strategy.

Improving cyber security means combating strong economic and psychological factors within software development companies, freelance programmers, digital businesses and normal users. Industry and government are tackling the problem of security from a user point of view: educating users and employees of businesses with programs such as Cyber Essentials, the UK’s government-backed education scheme which bestows one of two Cyber Essentials badges upon a company to showcase its cyber safety online. The focus of industry and government attempts to improve security should broaden to include the entire software development lifecycle, from its initial design to the products launch. Trades professionals, such as gas technicians, face a legal requirement to hold specific certifications (Gas Safe) to prove their competence. Should the future of a more secure digital country not require a similar scheme for software developers, and a scheme for the software companies themselves?

Continue Reading

Become A Member

To access the full text of this article and many other benefits, become a RUSI member.

Support Rusi Research

Subscribe to our Newsletter