According to Brian Krebs, United Airlines has rolled out a series of updates to its website that it claims will improve the security of its customer accounts. These changes include moving from a 4-digit PIN to a password, as well as customers being required to pick five different security questions and answers. Robert Capps, VP of business development at NuData Security commented below.
Robert Capps, VP of Business Development at NuData Security:
“United Airlines is clearly attempting to incrementally advance consumer security, while maintaining usability. We remind ourselves every day that security is a process, and for it to be so, it has to become part of business as usual… not a milestone, or a sprint to the finish line. The race has not been run, or won. It’s not, in fact, a race at all – and although hackers might not see it that way, we’re in it for the duration. Any good security program must be a balance between effectiveness and convenience, between threat protection and customer friction and in perfect unison, in sequence and timing, just like a good duet.
The approach United Airlines is taking seems thoughtful and appropriate, given the number of customers who use the system on a daily basis, and the need to provide timely and ubiquitous access to flight information, reservations, tickets and other travel information.
United’s approach is unlike many companies we’ve seen of late. It’s not about deploying the most visible and impactful (or some would say, disruptive) techniques in front of consumers in an effort to demonstrate security to customers. It’s early, but it just might be the case that United is doing the opposite — forming the key elements of a foundational plan to incrementally increase actual consumer security.
As they continue along this path, I would expect to see United leading the way with new and innovative techniques to secure their customer base, but first… let’s let them get started. I’m sure there is more to follow. As practitioners, we can choose to take a step back and deploy our curiosity rather than scepticism, and give United the space they need to demonstrate leadership in this area.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Meta’s fine over data privacy breaches underscores the critical challenges…
Hi, Thanks, that is really useful information. I do have…
“This is a very worrying attack that hit T-Mobile and…
“This latest cyberattack against T-Mobile may be smaller than previous…
“Genesis Market is a complex global criminal access marketplace. Buyers…