Cyber-security, is a huge and growing market. It is also an extremely difficult and complex area to work in. Current systems are becoming increasingly complex in their fight against cyber-crime. The attacks are becoming more and more sophisticated and the defences need to be updated faster than ever. Sometimes something slips through the cracks.
Take the Heartbleed case. Gizmodo has a concise article on what caused it and why it is so important.
There are a couple of interesting aspects to the Heartbleed case. First of all, it is an open source application. It is maintained by people for free, doing it in their spare time for leisure. That is the basis for a piece of software that thousands of corporations rely upon to protect their websites and their customer data.
Secondly, it was a relatively minor bug. It was caused by the constant need for improvement and change. The altered code was reviewed before using, but the small error slipped through nonetheless.
The mounting pressure and increasing speed of needed fixes of our cyber-security software will form the largest threat to our cyber-security. Too many changes, not enough time to test or completely analyse the changes will create flaws or leaks. There are enough smart hackers out there just waiting to pounce on any gap in the security shield.
I am a big supporter of open source software. It is an incredibly good and wonderful thing. I am constantly amazed at the quality of work. But some things need a more solid foundation.