In his keynote to the RSA 2009 conference, Brian Truskowski, general manager of IBM's Internet Security Systems (ISS) business, told delegates that despite all the improvements in security technology the human element was still the key weakness in any system.“We need to admit humans will always fall for a good hoax, then we need to accept it and move on,” he said.“Humans are an infinite threat to security. This is why security has moved to the machine/human interaction point, chiefly the browser and the application.” He gave the example of Kevin Mitnick, one of the most famous hackers of all time. Mitnick himself admitted that his success was down less to his computer knowledge and more to an ability to fool people with social engineering.Truskowski said that for security to be effective it needed to be built into the enterprise from the ground up and be responsive. Too many vendors focused just on blocking one attack vector when a more flexible approach was needed.The situation was similar to the Titanic, he said. The ship builders focused on strength, speed and luxury and ignored maneuverability, which proved fatal for many of the passengers.“Too many chief executives see the iceberg coming but can't do anything about it,” Truskowski said.Companies should focus on building flexible network security and consider offloading part of the business to managed security vendors, he continued, as there are simply not enough good security personnel available for IT departments to hire.
Copyright ©v3.co.uk
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.