Cybersecurity is Like Food Safety: Digital HACCP
canopic jug writes:
Developer and entrepreneur Bert Hubert has written about how software supply chain safety is similar to food supply safety. Both are about recognizing hazards and finding critical control points to monitor. Strict rules about handling must also be followed, in both fields.
You can't just buy the required stuff and declare the food is now safe. It requires constant vigilance.
The analogies to cybersecurity are overwhelming. Food safety is the proper analogy for cybersecurity.
Compare:
- The enemy is invisible (germs)
- You can get infected via your supply chain, which is also your responsibility
- A single employee not paying attention can sink you
- Out of sight, bugs can fester for years before causing harm
- Without the right infrastructure, you are doomed
- But even if you buy the right stuff, there are no silver bullet solutions - only paths to improvement
So I looked into this a bit more, as related fields can often provide very good inspiration. And I was blown away by what I found.
Food safety has been around for a while now and they are light years ahead of us. A mainstay of providing safe food is HACCP[*].
[*] HACCP: Hazard analysis and critical control points.
The key in both areas is recognition that safety is an ongoing process and not a product or appliance which can be tacked on aftermarket.
Previously:
(2020) Supply-Chain Attack Hits RubyGems Repository with 725 Malicious Packages
(2020) A Better Kind of Cybersecurity Strategy
Read more of this story at SoylentNews.