When we founded OSA a few years back it seemed likely that we would soon inhabit a world where IT Security and the management of IT Risks would be a crucial part of the equation to ensure that our society and it's industrial, commercial and economic systems functioned effectively. There was already a strong case for ensuring that computing architectures were secure for financial services but it was less clear on the importance of security for Industrial Control Systems, or the need to ensure that social networking and information providers maintained high levels of integrity.
The pace of change has been surprising. We have seen sophisticated malware attacks on factory and process automation systems for critical infrastructure and utilities. A dramatic escalation in the skill of attackers from script kiddies looking for recognition amongst peers, to well funded criminal gangs exploiting credit card information, and finally towards nation states and espionage
Given this backdrop the latest impact from a twitter hack caught my eye last week:
Whether this was used for financial gain remains open to speculation, but the impact of this attack in an era of high frequency trading was dramatic, and the opportunity to exploit misinformation on this scale for significant financial gain is unquestionable.
It certainly suggests that an investment in 2 factor authentication is a worthwhile addition if you have a high profile Twitter account. Perhaps we will see some form of trust mark evolving for those accounts or information sources that are more trustworthy and have a certified degree of integrity...