Name and shame bad security vendors, not customers, says Simplexo CTO

By Peter Gothard
25 Sep 2012

High-profile businesses are being unfairly criticised for poor security when the real blame lies with their security solutions providers, according to the founder and CTO of search engine tech firm Simplexo.

"Over the last two to four years we've had countless failures," Simon Bain told Computing. "Global Payments earlier this year reported 1.8 million credit card [details taken], LinkedIn [had 6.5 million user details stolen], the list just goes on and on.

"Errors do occur, of course, and nobody's infallible. But in most cases, when I talk to organisations they say 'Well, we used industry best practice, so it's OK'."

It was the late August 2012 ICO investigation of Tesco that, says Bain, made matters "come to a head".

"They're greengrocers – what do you know about IT security?" said Bain. "Why should they be slagged off in the press for having old security systems, when they spend many, many millions of pounds on people who should know better; consultants and organisations who come in and do their web services and banking services for them, all of which purport to be best practice just to excuse them?"

Bain questioned the nature of best practice at a basic level. "What is it? Who actually defines what it is? Who's checking it to make sure it still is best practice?

"It just struck me that people are using this to save themselves, while actually you and I, the users, are the ones getting our credit cards lost, or details stolen, and ultimately end up paying for it, rather than the organisation who put it in in the first place. That cannot be correct."
