IT Technologies Need to Become Significantly More Robust for the Digital Future - Prof. Dr. Norbert Pohlmann
IT Technologies Need to Become Significantly More Robust for the Digital Future | |
 | IT Technologies Need to Become Significantly More Robust for the Digital Future. Small cause, but a big effect On Friday, 19 July 2024, we once again confronted the significant consequences that a single software error can have. This latest major IT crash, triggered by a software error in an update from the IT security company Crowdstrike, caused not only their IT security solution, but the entire Microsoft system and therefore the application to stop functioning. According to estimates by Microsoft, this affected a total of 8.5 million IT systems worldwide. This in turn had catastrophic consequences for the operations of airports, hospitals, and banking systems. As a result, multiple flights were cancelled, surgeries could not be performed, payments had to be postponed, and a vast number of employees were unable to carry out their activities. Immense damage was caused worldwide, estimated to reach $1.5 billion, highlighting the immense global impact of such failures. The scale of direct and indirect damages is therefore enormous, and will certainly be analyzed in greater detail. Our current IT is not a solid foundation for the digital future In our IT systems, IT infrastructures, and application systems, more and more software from a wide variety of third-party providers is being integrated, given that the technological challenges posed by rapid digitalization are becoming ever larger. This increases the complexity of our IT and the Internet. At the same time, however, the degree of dependency on all the third-party providers used are also increasing and the risks are growing, as demonstrated by the software error at Crowdstrike. Even though software quality is continuously being improved, such software errors, as well as targeted attacks, will continue to occur in the future. For this reason, new IT security architectures, concepts, and functions that are significantly more robust are urgently needed. To strengthen our digital future, companies and institutions must prioritize investment in modern, resilient IT systems. Moving away from outdated monolithic systems towards modular, flexible designs will improve recovery from potential breakdowns. This shift, underscored by the recent Crowdstrike incident, should be accompanied by enhanced software testing and rollout procedures. Updates and patches must be thoroughly tested before widespread deployment, ideally by running them on a controlled, smaller set of systems to identify potential issues early. This proactive approach could prevent widespread system failures and mitigate the risks posed by unforeseen software errors. Expert perspectives on the software error On 14 August 2024, on a Deutschlandfunk radio broadcast in Cologne, I got to discuss this issue with the interviewer Petra Ensminger and two other IT experts: Thomas Caspers from the German Federal Office for Information Security, and IT lawyer Caroline Glasmacher. Together, we explored how seemingly small errors can have devastating consequences in today’s interconnected digital landscape. Our conversation highlighted the vulnerability to IT failures and cyberattacks due to outdated, monolithic systems that are prone to bugs and overly reliant on third-party software. As we emphasized, IT providers, particularly those with significant market power like Microsoft and Google, must recognize their responsibility in ensuring system stability. Stronger emphasis on trustworthiness, accountability, and collaboration between providers is essential to avoid leaving users vulnerable to such catastrophic failures. Based on our insights, Ensminger acknowledged that, “the dependencies are enormous, and we need to ensure that our systems are robust enough to handle them.” In being asked how to counter the vulnerability, we stressed how IT architectures are needed to be built on a smaller, more trustworthy software base. While technologies like trusted computing* can help create modular systems that prevent localized errors from bringing down entire networks, adoption of these technologies remains limited due to resistance from dominant tech companies with vested interests. As such, the solution lies in collaboration. In the broadcast, we also called for European-led digital ecosystems that reduce dependence on big tech, as well as a push for more secure open-source software. As we noted, this transformation requires the cooperation of businesses, academia, and government. Policymakers must set clear goals and provide the resources needed to make our digital future safer and more resilient. Our IT must become more robust To ensure that all IT systems (smartphones, notebooks, servers, cloud systems, etc.) can be implemented robustly, we need modern and secure IT security architectures, concepts, and functions that can be implemented to achieve a significantly higher level of robustness and a higher level of IT security. In addition to building robust IT architectures, organizations must enhance their cybersecurity measures to counter increasingly sophisticated attacks. Regular security updates, rigorous testing of third-party software, and improving redundancy in critical systems are essential steps towards mitigating risks and protecting essential services. Den vollständigen Artikel finden Sie unter: https://www.dotmagazine.online/issues/digital-security-trust-consumer-protection/it-technologies-more-robust-digital-future Für mehr zum Thema: IT Technologies Need to Become Significantly More Robust for the Digital Future Siehe auch:
„Cybernation – Motivation/Definition/Vorgehensweise“
„Master-Studiengang Internet-Sicherheit (IT-Sicherheit, Cyber-Sicherheit)“ „Marktplatz IT-Sicherheit: IT-Notfall“ „Marktplatz IT-Sicherheit: IT-Sicherheitstools“ „Marktplatz IT-Sicherheit: Selbstlernangebot“ „Vertrauenswürdigkeits-Plattform“ „Übungsaufgaben und Ergebnisse zum Lehrbuch Cyber-Sicherheit“ „Bücher im Bereich Cyber-Sicherheit und IT-Sicherheit zum kostenlosen Download“ „Trusted Computing – Ein Weg zu neuen IT-Sicherheitsarchitekturen“
„IT-Technologien müssen für die digitale Zukunft deutlich robuster werden“ „Selbstlernakademie SecAware.nrw: Neues KI-Modul soll IT-Awareness in NRW nachhaltig stärken“ |
| |