Microsoft releases security patches every second Tuesday of the month. They call it ‘patch Tuesday’. The next day is called ‘exploit Wednesday’ by the hacking world just because they wait for the patch to get released. They try to reverse-engineer that. They study and understand what the patch is going to do and they try to attack the vulnerable points. Obviously, the next day there are going to be many systems that are not updated with the patch. These systems become vulnerable to cyberattack. Such threats are common as much to the corporate websites as to government sites. In South India, many states/departments are changing to Linux-based platforms to avoid these problems.
Just imagine what would happen if electronic voting machines (EVMs) were hacked or road signal systems were compromised! It would lead to absolute chaos.
The ideal solution would be to stop the attack rather than perform a post-mortem after the attack has happened. Prevention is always better than the cure.
Security is not a one-time activity. It is an ongoing process. I think social level of information security is needed and we have to educate the end users. We need one place where all matters relating to cybersecurity can be addressed.
Video of e-Security: Public sector challenges and solutions