IT monocultures, just like ecosystems lacking diversity, are ripe for exploitation and total collapse. The recent spate of ransomware is a digital infection in an environment that was *designed* to be brittle, in the mistaken impression that that would be lower cost and more manageable. IT in our institutions is designed by people who are insufficiently skilled. They've created cultures of disempowerment, so the good people leave, and the incompetents dig in, forming dysfunctional fiefdoms.
@drh with Windows <=10 there's a huge array of known flaws to exploit :) Due to their dependence on legacy apps, most institutions are nowhere near up-to-date with all their systems, so it's just a matter of cycling through known exploits until you find one. I'd never run Windows in the enterprise, and I'd never allow Windows-only 3rd-party software - it guarantees a decrepit IT infrastructure.
@maxheadroom step one: stop buying new MS Windows-dependent software. Step two: stop outsourcing all the interesting work, save it for people working for the organisation. Step three: start bringing in external IT experts from private industry to act as mentors for staff and help them raise their game in the context of specific projects. Step four: fund development of sector-wide open source apps, with strong consultation with actual users, empower staff.
@maxheadroom that's just off the top of my head. Also, ensure that all software procurement requires that any proprietary apps are compliant with relevant open standards. If there are no open standards, gov't should fund development of them with industry/public service teams, in collaboration with similar orgs internationally. Raise profile of the role within gov't. Oh, and remove the current batch of decision makers & replace with periodic multi-vendor + local tech staff/user rep teams.