An 80-20 rule for cat herding at a dog parade -- or improving Internet security

Kudos to the group of Internet security experts who came up with the Top 25 coding flaws that lead to ~85% of all cyber-criminal activity on the Internet -- thanks for the heads up from Zero Day Threat and Byron Acohido's article in USA Today.

I look at this ~85-25 insight as the cyber-security community's version of the old 80-20 adage that 80% of effects come from 20% of the causes. 

  • While the numbers are slightly off in this instance -- the concept is dead on. 
  • If you want to get anything done in the real world, you have to use tried-and-true strategies like the 80-20 rule.

To explain the rest of my mixed metaphor...

  • the cat herding is getting open-Internet people with super-high expectations for speed and unrestricted access to whatever they want whenever they want it -- to slow down long enough to protect themselves from being chased and eaten by...
  • the dog parade of cyber-criminals who easily feast on cats -- who in their anxiousness to do whatever they are doing fast -- don't do the most basic and simple things to protect themselves...

Bottom line: It continues to amaze me how little the collective Internet community focuses on Internet security -- so little that 16 years after the Internet's commercialization, and with well over a billion users on the Internet worldwide -- only now in 2008 have experts gotten around to identifying the simple 80-20 cyber-security rule for Internet programmers.

How scary is that?