UK police lost over 400,000 police files due to a “human error” whereby defective code was introduced during routine maintenance. The mistake had enormous consequences, with Government ministers now admitting that Police criminal investigations may have been compromised due to the error. The mistake points to the wider problem of the security skills gaps amongst developers, with many not taught to code securely from the outset, nor given the time to evolve their security offerings themselves.
Experts Comments
Dot Your Expert Comments
Only for registered and approved experts. Please register before providing comments. Register here
It is our understanding that the cause behind the loss of 400,000 police records in the UK, was down to a human error whereby defective code was introduced during routine maintenance. It is frustrating to see that the loss of this extremely important government data could have potentially been avoided, if only engineers were given the time and tools to put security first, always.
It’s imperative that all developers are trained in how to code securely from the outset. That way, vulnerable
.....Read MoreIt is our understanding that the cause behind the loss of 400,000 police records in the UK, was down to a human error whereby defective code was introduced during routine maintenance. It is frustrating to see that the loss of this extremely important government data could have potentially been avoided, if only engineers were given the time and tools to put security first, always.
It’s imperative that all developers are trained in how to code securely from the outset. That way, vulnerable code would never have been introduced, and the loss of data might have been prevented.
While it’s ineffective to teach secure coding in a classroom, there are ways that governments and private organisations alike can encourage their developers to care about secure coding. One of the most successful ways is through hyper-relevant gamified learning platforms that allow developers to learn how to code securely, without taking time out from their day job.”
Unfortunately, as happens all too often, a foundational lack of security awareness in development teams proved costly in this instance, and the consequences were dire.
Read LessLinkedin Message
@Matias Madou, Co-founder and CTO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"It’s imperative that all developers are trained in how to code securely from the outset...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-on-how-the-uk-police-data-loss-could-have-been-easily-prevented
Facebook Message
@Matias Madou, Co-founder and CTO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"It’s imperative that all developers are trained in how to code securely from the outset...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-on-how-the-uk-police-data-loss-could-have-been-easily-prevented