Tuesday, April 21, 2009

RSA 2009 Another Year of Handwringing on Cyber Security

Deborah Gage writes on the San Francisco Chronicle "The Tech Chronicles" Blog:

Every year, the security industry gets together at the RSA Conference in San Francisco to learn new techniques for fighting the bad guys, who always seem to be a step ahead.

This year is no different. Security vendors say they are not doing enough and government officials say they are not doing enough because attacks are getting worse -- in 30 minutes, Symantec blocks 200,000 attacks.

One problem is that computer systems are still too complicated, which makes them easier to attack and harder to protect.

"Separate groups (in a company) do testing, manage the data center and do security audits and a lot of what they do is manual," said Enrique Salem, Symantec's CEO. "If a security team needs information, they call a different department to get the logs, and it takes a couple of days for the logs to arrive. A week later, they change their audit procedures."

If you listen to the director of the NSA, the government isn't doing much better. "We don't have a way today of sharing and seeing networks in a timely manner," said Lt. General Keith Alexander. "How do we close that gap with the antivirus vendors [whose detection of threats tends to lag because cybercriminals create new threats so quickly]. And how do we provide early warning?"

More here.


Post a Comment

<< Home