QOTD - WEF - Online Security As Public Good

Online security is also an example of a public good; costs are borne privately, but benefits are shared. When individuals weigh the cost of investing in antivirus software, they do not take into account the benefits of protecting other users from spam and advanced persistent threat attacks if their computers are infected with malware.
Innovative multistakeholder collaboration will be required to tip the balance towards investment in creating systemic resilience.

QOTD - WEF - Axioms for the Cyber Age

Axioms for the Cyber Age:
Any device with software-defined behaviour can be tricked into doing things its creators did not intend.

Any device connected to a network of any sort, in any way, can be compromised by an external party. Many such compromises have not yet been detected.
The document (correctly IMO) summarizes the current state of affairs with respect to system security:
There are no proven secure systems, only systems whose faults have not yet been discovered, so trying to overcome “hackability” may be as hopeless as denying gravity.
Src: Global Risks 2012 - Seventh Edition | World Economic Forum

QOTD - Bill Gates on Trustworthy Computing

So now, when we face a choice between adding features and resolving security issues, we need to choose security. Our products should emphasize security right out of the box, and we must constantly refine and improve that security as threats evolve. [...] If we discover a risk that a feature could compromise someone’s privacy, that problem gets solved first. If there is any way we can better protect important data and minimize downtime, we should focus on this. These principles should apply at every stage of the development cycle of every kind of software we create, from operating systems and desktop applications to global Web services.
-- Bill Gates, at the time (2002) Chairman and Chief Software Architect at Microsoft

Src: Bill Gates' Trustworthy Computing Memo (from Microsoft, dated Jan 15, 2002, RTF format)