Cyber security and the futility of finger pointing

Throughout history, criminals have been earlier adopters of new technology, which has made identifying, capturing and neutralising illegal enterprises a constant uphill battle.

Today, some of the most dangerous criminals we face operate in an entirely new battlefield – cyberspace – posing a greater threat to the security of nations, of corporations and of individuals, than ever before.

In fact, in today’s cyberworld, the balance in the arms race between those who strive to do good and those who want to harm us is not even close.

How serious are the cyber security attacks we’ve experienced to date in 2011? Just ask Lockheed Martin, Sony, Epsilon, or any of the hundreds of other technology corporations, financial institutions or government departments targeted by recent attacks.

The impact spreads beyond the cost of replacing breached digital security technology to the broader costs related to business disruptions, loss of intellectual property and diminished customer trust.

In recent months, much of the industry’s finger-pointing in security and consumer media has turned to RSA, one of the world’s largest security corporations. Back in March, the company experienced a significant data security breach that left users of its 40+ million hard tokens open to cyber attacks.

As a result, there was much finger-pointing between RSA, customers, and the industry as a whole. However, the time for finger-pointing has passed. What’s critical now is that we all move forward, and focus on facts and then do our collective part in deploying technology that exists today that could stop these breaches and risks.

First, let’s take a look at the facts. It is, unfortunately, a fact that security firms including RSA and COMODO have been breached. Further, it is a fact that as a direct result of these breaches, customers of these firms have also been breached.

And finally, it is a fact that if you are a C-level executive working in an enterprise or governmental agency your risk profile has gone up and you need to assess what security solutions on the market today can help you mitigate that risk.

The good news is that technology is readily available today to combat some of the most sophisticated cyber threats. However, some of the world’s largest corporations have not yet taken the security measures they need to fully protect their companies and their customers.

It is important to recognize that today’s cyber security threats are not a Y2K-type of event, where you spend once to solve a specific issue and see the threat pass. Cyber security threats are rapidly increasing and changing in nature. Therefore, the response to these threats must be disciplined, measured and continually improved on a day-in, day-out basis.

Companies and governments need to implement digital security technology that is not complicated or cost prohibitive, and whose flexibility better stand the latest cyber threats and those to come. This is the key to keeping pace with constantly evolving threats and cybercriminals intent on exploiting vulnerabilities.

However whilst the landscape may be continually shifting, the combined efforts, and ongoing dialogue, between government bodies, law enforcement leaders and members of the security industry must continue in order to help to restore a level of security that addresses today’s threats.

With a career that spans more than 25 years across numerous high-tech industries, Bill Conner is among the most experienced security and infrastructure executives worldwide. As a corporate turn-around and cybersecurity expert, Conner has achieved a number of milestones since he joined Entrust as president and CEO in April 2001, the latest of which was engineering the acquisition of Entrust by private equity firm Thoma Bravo in July 2009. Bill has been recognised with the Corporate CEO of the Year Award as part of the annual Tech Titans Award program. Before Conner joined Entrust, he held various senior executive positions at Nortel Networks, including president of Nortel Enterprise Networks and e-Business Solutions, where he successfully turned around the global $5 billion business.

  • jfez

    Big data drives security, risk discussion at MIT CIO affair http://ow.ly/64mpV