Whenever something goes wrong in the world of tech, there’s a knee-jerk reaction that often ends up making things distinctly worse. Post traumatic tech disorder.
We’re seeing it at the moment in the aftermath of the Talk Talk debacle. Calls for cross-industry regulation to ensure that this sort of thing will never happen again. In general terms I tend towards being pro-regulation, but in the world of technology security a lack of regulation isn’t the problem – it’s a lack of adequate risk management. Regulation in itself doesn’t make that flaw any better.
But there is a broader issue, and that’s one that Nassim Nicholas Taleb talked about in his writing of Black Swans – extreme events that are rare and unpredictable. These things happen. They, by their nature are unlikely to happen again. And so putting in lots of measures to deal with Black Swans in retrospect makes sense politically, but practically is often pointless, and often counter-productive.
Instead of addressing Black Swans after they happen, making systems increasingly fragile through good intentions, Taleb instead argues that we should look instead to design antifragile systems: things that get stronger when they’re bashed about a bit. The underpinnings of the Internet are a good example. As is that most pervasive of business systems Excel. Or email.
What can we learn about the reasons for the strength and pervasiveness of these services, and how can we nurture more platforms that adopt their positive attributes? That’s the way to build things that don’t break in the longer term.