By Silka Gonzalez, an EO South Florida member and CEO of Enterprise Risk Management, Inc.
In 2014, we saw Heartbleed arrive on the cybersecurity scene. What was particularly remarkable about this vulnerability is that it can render the world’s favorite cybersecurity jargon—encryption—completely useless. So it wouldn’t matter if you conducted your bank transactions on a million bits of encryption, it could still be easily compromised thanks to Heartbleed.
You’d expect the reaction, the world over, to be shellshock (which, ironically, is the name of another equally dangerous vulnerability that arrived after Heartbleed)—followed by swift and decisive actions to correct the vulnerability.
Well…surprise! Shodan, which is like a Google for Internet-connected devices—recently said a search performed in January 2016 identified close to 200,000 Internet-connected devices that are still susceptible to the three-year old Heartbleed vulnerability. Furthermore, the top 10 countries these servers are located in are among those on the frontlines of world economic discussions. Topping this list by a truly dominating margin is, unbelievably, the United States.
Here’s the worst part: This situation has no excuse. (more…)