
1) Brief Summary

Have you heard about the "Broken Windows Theory"? It was proposed by social
scientists in 1982, and it argues that violent crime and anti-social behavior are more common in
areas where minor offences such as graffiti, public drinking, and turnstile-jumping have already
developed a climate of lawlessness. The idea was introduced by the city of New York in the hope
of mitigating violence by building a more positive metropolitan climate, which would contribute to
order and lawfulness. We should aim to extend the same logic to operating computer resources
that are accessible through the Internet.

CERN's computing resources are managed by a diverse group of individuals, mostly by
our colleagues in the IT department. Users can build online sites with Internet access on top of
their service offerings. In the meantime, our academic group, experiments, and accelerator
industry operate their own computing services, which include Internet access. While the
Computer Security Team monitors the gaps in CERN's exterior firewall and assesses the
level of protection before allowing any new opening, maintaining that level of protection for all
open services is actually time-consuming.

On the one hand, “computer security” is a highly volatile topic in which what was stable
yesterday may become vulnerable tomorrow (think of the previous “Shellshock” or
“POODLE” weaknesses). Misconduct, on the other hand, contributes to a deterioration in
accessible services due to the motto "don't enter a working machine."

Recent information security analyses have shone some unsettling light on the CERN
computer resources that are accessible through the Internet. Not all of them are absolutely
healthy any longer. Credentials have withdrawn or are just "random" (e.g., personality or without
code of trust), protected networks use approaches that are now considered unreliable, landing
pages are unavailable, or software is no longer up to date. Of course, the operators of the
impacted services have been contacted!

However, as in New York, degraded facilities can draw nefarious, malevolent actors to carry out
their bad acts. Let us all work together to keep our online presence safe and competent! Let us
use New York City approaches! We still search for compromised websites and out-of-date
settings, we check if existing firewall openings are still required, and we alert the holders of
impacted services, but we have to do more. On the one hand, we should consider changing the
default settings for collectively operated networks in order to provide a more elevated and stable
base setup.

On the other hand, we want to ask all tenants of computing services to keep a very close
eye on them, particularly if running the service is not your foremost concern. Don't allow them to
worsen! Maintain them by keeping them up to date and ensuring that both updates are the most
recent. Examine the licences and renew them as soon as possible. Build a landing page or, if that
isn't feasible, redirect to "home.cern." Finally, check all firewall openings and request that we
close them if they are no longer needed. As a consequence, let us keep our Digital Broken
Windows under check in 2019 and beyond.

2) I disagree with the above phenomenon, making sure that you have no ‘broken windows’ or
gaps in national cyber security through which unsought rudiments could enter. In order to do
this, the state’s first requirement is to make a secure baseline to grow your posture.

3) After reading the stance, I found some questions still unturned:

Does the broken down theory provide the information we need to oversee cyber risks? ...
How effective is our cybersecurity strategy at addressing national security risks? ...
How do we protect sensitive information handled and stored by third-party vendors as per the broken
down theory? ...
Do we have the right data governance strategy to minimize cyber risk?
