Talk:Computer security

Cyber security in the United KingdomCyber security in the United Kingdom was merged into this article. The discussion was closed on 25 December 2025 with a consensus to merge. The original page is now a redirect to this article. For the contribution history and old versions of the redirected article, please see its history; for its talk page, see here.

Skip to table of contents

This is the talk page for discussing improvements to the Computer security article.
This is not a forum for general discussion of the subject of the article.

Add new text under old text.
New to Wikipedia? Welcome! Learn to edit; get help.

Start a new topic

Article policies

Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL

Archives: 1, 2, 3, 4: 12 months

Computer security is a former featured article. Please see the links under Article milestones below for its original nomination page (for older articles, check the nomination archive) and why it was removed.

Article milestones
Date	Process	Result
January 19, 2004	Refreshing brilliant prose	Kept
October 23, 2004	Peer review	Reviewed
March 17, 2006	Featured article review	Demoted

Current status: Former featured article

On 4 July 2023, it was proposed that this article be moved to Cybersecurity. The result of the discussion was not moved.

Computing: Networking / Software / Websites / CompSci / Security Top‑importance

This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing

Top

This article has been rated as Top-importance on the project's importance scale.

Associated task forces:
/
	This article is supported by Networking task force (assessed as High-importance).
	This article is supported by WikiProject Software (assessed as High-importance).
	This article is supported by WikiProject Websites (assessed as Low-importance).
	This article is supported by WikiProject Computer science (assessed as Top-importance).
	This article is supported by Computer hardware task force (assessed as Low-importance).
	This article is supported by WikiProject Computer security (assessed as Top-importance).

Things you can help WikiProject Computer science with:

Here are some tasks awaiting attention:

Article requests :
- Requested articles/Applied arts and sciences/Computer science, computing, and Internet
Cleanup :
- Computer science articles needing attention
- Computer science articles needing expert attention
Copyedit :
- Computing
Expand :
- Computer science
Infobox :
- Computer science articles without infoboxes
Maintain :
- Timeline of computing 2020–present
Photo :
- Find pictures for the biographies of computer scientists (see List of computer scientists)
- Computing articles needing images
Stubs :
- Computer science stubs
Unreferenced :
- WikiProject Computer science/Unreferenced BLPs
Project-related :
- Tag all relevant articles in Category:Computer science and sub-categories with {{WikiProject Computer science}}

Internet High‑importance

	Internet portal This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.InternetWikipedia:WikiProject InternetTemplate:WikiProject InternetInternet
High	This article has been rated as High-importance on the project's importance scale.

Espionage High‑importance

	Computer security is within the scope of WikiProject Espionage, which aims to improve Wikipedia's coverage of espionage, intelligence, and related topics. If you would like to participate, visit the project page, or contribute to the discussion.EspionageWikipedia:WikiProject EspionageTemplate:WikiProject EspionageEspionage
High	This article has been rated as High-importance on the project's importance scale.

Other talk page banners

The content of Digital security was merged into Computer security on 1 May 2023. The former page's history now serves to provide attribution for that content in the latter page, and it must not be deleted as long as the latter page exists. For the discussion at that location, see its talk page.

The content of Computer insecurity was merged into Computer security on March 16, 2014. The former page's history now serves to provide attribution for that content in the latter page, and it must not be deleted as long as the latter page exists. For the discussion at that location, see its talk page.

Archives

1, 2, 3, 4

This page has archives. Topics inactive for 365 days are automatically archived 1 or more at a time by if there are more than 5.

inaccurate image

Latest comment: 3 months ago7 comments5 people in discussion

An example of a physical security measure: a metal lock on the back of a personal computer to prevent hardware tampering.

this kind of locks are often used for preventing people from partial RAM theft etc. not advanced targeting Luhanopi (talk) 17:45, 4 June 2025 (UTC)Reply

Google.com 202.44.109.14 (talk) 17:20, 10 July 2025 (UTC)Reply

say more

--Luhanopi (talk) 17:21, 10 July 2025 (UTC)Reply

It doesn't claim to be anything more than a lock to prevent physical tampering. Any better ideas? A picture of an ethernet cable? --𝕁𝕄𝔽 (talk) 20:15, 10 July 2025 (UTC)Reply

fixing up description Luhanopi (talk) 20:16, 10 July 2025 (UTC)Reply

An RFID badge reader with a secure door may be a better example. Chainsawvasectomy (talk) 16:29, 12 November 2025 (UTC)Reply

I disagree. Physical tampering is in fact a way to breach computer security. I've seen cases where someone with a modicum of intelligence plants a raspberry pi into the back of a computer by accessing it physically, and using it to steal stuff like Bitlocker secret keys or do some rudimentay USB sniffing. Advanced targetting does take place via this method, and in organizations that take this opsec very seriously, it's often the only way to create a sort of breach.

I think that the description matches this perfectly. It does seem like an odd photo but this is a very common (albiet outdated) way of handling this.

Nowadays the solution seems to be towards prebuilt computers and screwless devices, which prevent some of this.

RFID badge readers aren't so much for "computer security" as they are for "physical security". I've never seen an RFID badge reader with a computer; the prospect is odd. https://winnerwind.in (talk) 13:09, 1 March 2026 (UTC)Reply

Additional details to improve the “Vulnerabilities and Attacks” section

Latest comment: 8 months ago1 comment1 person in discussion

I suggest adding information about how severely AI tools have weaponized hackers and the threat they pose to cybersecurity. Anthropic has released a report of how hackers have used Claude to execute cyberattacks. https://www-cdn.anthropic.com/b2a76c6f6992465c09a6f2fce282f6c0cea8c200.pdf Imaazmm123 (talk) 05:25, 10 September 2025 (UTC)Reply

Potential Edits

Latest comment: 6 months ago2 comments1 person in discussion

*Controversial* This article indicates that cybersecurity is a subdiscipline of information security. This heavily implies that "Cybersecurity" is a "focus area" https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.29.pdf specifically the CSF requires that risk management, governance, etc are essential in an effective cybersecurity program. Users should be made aware that this article is focused on certain aspects of cybersecurity. Even though this topic is covered, the article itself seems to indicate in the introduction that they're distinct within an organizational context. Further, many top cybersecurity platform-agnostic certifications like those from ISC2 tend to focus more on the CIA triad (or CIANA +PS). Finally, NIST SP 800-207 https://nvlpubs.nist.gov/nistpubs/specialpublications/NIST.SP.800-207.pdf (discussing ZTA) specifies on pg 1 that "Organizations need to implement comprehensive information security and resiliency practices for zero trust to be effective. " Information Security and Cybersecurity as this article distinguishes, are two interdependent concepts. As much as I recognize the topics might be different, the interdependency should be, at least, explicitly noted. Even though the distinction can "technically" be made CNSSI 4009 https://www.cnss.gov/CNSS/issuances/Instructions.cfm indicates that cybersecurity has largely replaced Information Assurance/Security as the "correct" term.

Additionally, the "Secure by Design" section should mention that the framework was an international effort, headed by the Australian Signals Directorate: https://www.cyber.gov.au/business-government/secure-design/secure-by-design/choosing-secure-and-verifiable-technologies The article section seems to indicate "special ownership" or a "special design" of the concept when it was, in fact, a joint effort.

Software Supply Chain Failures/Vulnerabilities should also be added as its an OWASP top 10 candidate for 2025: https://owasp.org/Top10/2025/A03_2025-Software_Supply_Chain_Failures/

Editors should consider adding privacy concepts to this article in accordance with NIST CSWP 40idp as the CIA, CIANA, or CIANA + PS models are overwhelmingly starting to consider user privacy, not just data/infrastructure protection, as a major component of their cybersecurity programs.

Last, many of the references in this article do not reference "official" sources for definitions. e.g. One company's definition of a concept is not always the respected industry definition for this topic. CNSSI 4009 is a respected publication for a glossary of terms and definitions. Chainsawvasectomy (talk) 14:14, 11 November 2025 (UTC)Reply

I've been made aware that https://www.cnss.gov/CNSS/issuances/Instructions.cfm may be a problematic link. This is due to the DoD using a TLS certificate signed from their own Signing Authority (which your browser very likely doesn't have registered by default). If you don't add that Signing Authority to your browser it will think the certificate is invalid. If you're having issues trusting the link here is an archive.org link to resolve this: https://web.archive.org/web/20251010024632/https://www.cnss.gov/CNSS/issuances/Instructions.cfm Chainsawvasectomy (talk) 15:16, 11 November 2025 (UTC)Reply

No education segment.

Latest comment: 5 months ago1 comment1 person in discussion

There is no segment about education. ~2025-41229-57 (talk) 00:54, 17 December 2025 (UTC)Reply

Wiki Education assignment: Introduction to Technical Writing

Latest comment: 3 months ago1 comment1 person in discussion

This article was the subject of a Wiki Education Foundation-supported course assignment, between 19 January 2026 and 16 May 2026. Further details are available on the course page. Student editor(s): Dulceelsie1009 (article contribs).

— Assignment last updated by MaryB57 (talk) 01:39, 20 February 2026 (UTC)Reply

Remove/Replace the first image

Latest comment: 3 months ago2 comments2 people in discussion

I feel as though the image with the description

> Symbolic representation of computer security and data protection.

is irrelevant to the article and does not provide any meaningful benefit to the content other than to be filler.

Alternatively, we can show images of Yubikeys/Onlykeys (as they are ways of boosting the security of a computer) or completely remove the image entirely. WinnerWind (talk) 13:12, 1 March 2026 (UTC)Reply

This image was added two days ago and I agree that its value is dubious at best and not at all appropriate as the lead image. What provenance or international recognition dies it have? How does it comply with MOS: IMAGEREL? Per WP:BRD, I have removed it pending consensus that supports its presence. --𝕁𝕄𝔽 (talk) 14:06, 1 March 2026 (UTC)Reply

Add topic