True That: In Cyber Security, There Are No Silver Bullets
William Jackson writes on GCN.com:
Members of a panel of security experts today painted a gloomy picture of the cybersecurity landscape, in which rapidly evolving threats and conditions ensure that even the best solutions are likely to remain piecemeal and temporary.More here.
Security efforts should focus on assessing and managing risk to information, members of the panel of industry and government officials said, and baseline security requirements mandated by government cannot be expected provide adequate security across the board.
“We should go in with our eyes open to the reality that if somebody wants the information, no matter what the baseline, they will get it,” said Wayne Fullerton, solutions and operations director for Cisco Systems Inc.’s U.S. federal organization.
Levels of security need to be assigned to a given piece of information based on its value to the owner and to those who could steal it. After the cost of stealing information drops below its perceived value, “if people really want it, they will get it,” Fullerton said.