Home > All, Security Issues > The problem in using PDFs as a method of disseminating security information

The problem in using PDFs as a method of disseminating security information

When I first started in journalism 20 years ago I could only dream of access to the information contained in documents such as those just released by ENISA: a who’s who in security throughout Europe, and individual reports on the status of network and information security (NIS) in each of the EU countries. But today I can’t help thinking that big bureaucratic bodies are missing a trick.

I scanned parts of the Who’s Who relevant to the UK. Much of the information I am aware of in principle. Many of the contacts and details I already have somewhere or other on one or other of my computers. But to have it all in one place – that’s useful!

I came to CPNI. I have a passing interest in CPNI because of a longstanding interest in its WARP programme. The document says, “A government authority, CPNI provides protective security advice to businesses and organisations across national infrastructure.” So I clicked the link to see if anything had changed since my last visit.

It has a section called ‘Infosec Briefings’, containing a sum total of six briefings. All PDFs. One is called Social engineering against information systems. As it happens, I am currently writing an article for Infosecurity Magazine on social engineering – so I had a look. It was written four years ago. There is no mention of social networking. Facebook, Twitter and LinkedIn do not appear.

Next I glanced through the UK Country Report. Again, it provides masses of information. But there’s not a single mention of the Digital Economy Bill or Act. And bear in mind we’ve just had a change of government with very different views on security and civil liberties. It won’t be all change – but there will certainly be some change.

This is my complaint. Things change fast. PDFs do not. They present a slice of history, but they present it as contemporary fact; and that is misleading and potentially dangerous. By the time a major document is produced and released as a PDF report, it is inevitably out of date. Surely it is not beyond the wit of man to develop online databases of information that are continuously updated, and therefore accurate? Isn’t that what Wikipedia was invented for?

Categories: All, Security Issues
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s