It Monoculture Vulnerabilities and Defenses

T he term monoculture originates in the biological sciences, where it refers to a population entirely comprising instances of a single organism. Monocultures are rare in nature, and for good reason: they risk extinction from pathogens and have less chance of adapting to changing conditions. A pathogen could destroy some members of a diverse population but not all of them—diversity thus helps ensure survival of the population. Although nature abhors monocultures, cyberspace seems to favor them. A collection of identical computing platforms is easier, hence cheaper, to manage because mastering one interface and making one set of configuration decisions suffices for all. In addition, user training costs are reduced when job transfers do not have the overhead of learning yet another operating system and suite of applications; investments in education about how to use or manage a system also can be amortized over a larger user base in a monoculture. Finally, interoperability of a few different kinds of systems is far easier to orchestrate than integrating a diverse collection, standards not withstanding. So networking is usually easier to support within a monoculture. Mindful of these advantages, the public and private sectors both tend to adopt procurement policies that foster creating computer monocultures. The past five decades of computer usage in organizations has been a series of epochs, each one characterized by a single dominant instruction set architecture and operating system. Today it is Intel’s x86 architecture running Microsoft’s software. Two things are different today than in the past, though: the widespread • dependence on computing systems for day-to-day operations, and the interconnection of computing systems, which • enables computers to exchange content (including malware).