A recent article and news story caught my attention. US Defense Secretary Leon Panetta issued a call to arms over recent cyber attacks on American banks, stating that utilities, transportation, and industry are all possible targets.
Just a few months ago, the UN warned of cyber terrorism. If and when these attacks occur, information technology (IT) professionals will be expected to react.
CM professionals will be expected to recreate baseline code and verify that systems are tested thoroughly from a security standpoint. Developers will need to make sure the security of their applications is airtight.
A good example of QA and its role in testing for cyber attacks can be found on out-law.com. It seems the European Union is in the process of testing against cyber attacks on the banking industry.
From the developer viewpoint a blogger warns that unless developers view security as more than an add-on feature, cyber attacks will be easier to accomplish. Kapersky Labs, a Russian multinational computer security company, is building an antimalware OS for large industrial complexes to hinder third-party executables from executing.
As far as CM goes, the writers of a whitepaper have coined a new phrase—Security Configuration Management—that the company defines as, “The management and control of configurations for an information system with the goal of enabling security and managing risk.”
All three areas in information technology have an important role in future cyber attacks. The call to arms is growing. As one article points out, budgets may drive our response.
The US is not the only country concerned that these attacks are inevitable. The chief of the Government Communications Headquarters (GCHQ), a British intelligence agency, has warned of potential attacks as well. Iran, accused in the attacks, has denied any involvement. An October 16, 2012, CNN report says US officials believe this is untrue.
Whether or not these attacks are being plotted by state-sponsored cyber terrorists or rogue elements in the seedy underworld of hackers, one thing is true: This time, governments are taking the threats seriously.
Joe Townsend has been in the configuration management field for twelve years. He has worked for CNA Life Insurance, RCA, Boeing, UPS, and in state government. Joe has primarily worked with Serena tools, including PVCS Version Manager, Tracker, TeamTrack (Mashups), and Dimensions. He is an administrator for WebFocus and supports Eclipse users.