Stop the finger-pointing

Throughout history, criminals have been earlier adopters of new technology, which has made identifying, capturing and neutralising illegal enterprises a constant uphill battle.

Some of the most dangerous criminals we face operate in an entirely new battlefield – cyberspace – posing a greater threat to the security of nations, of corporations and of individuals than ever before.

The balance in the arms race between those who strive to do good and those who want to harm us is not even close.

How serious are the cybersecurity attacks we’ve experienced to date in 2011? Just ask Lockheed Martin, Sony, Epsilon, or any of the hundreds of other technology corporations, financial institutions or government departments targeted by recent attacks.

The impact spreads beyond the cost of replacing breached digital security technology to the broader costs related to business disruptions, loss of intellectual property and diminished customer trust.

In recent months, much of the industry’s finger-pointing in security and consumer media has turned to RSA, one of the world’s largest security corporations.

Back in March, the company experienced a significant data security breach that left users of its 40 million hard tokens open to cyber attacks.  

As a result, there was much finger-pointing between RSA, customers, and the industry as a whole, but the time for finger-pointing has passed.

What’s critical now is that we all move forward, and focus on facts and then do our collective part in deploying technology that exists today that could stop these breaches and risks.

Take a look at the facts. It is, unfortunately, a fact that security firms including RSA and Comodo have been breached.

It is a fact that as a direct result of these breaches, customers of these firms have also been breached.

And it is a fact that if you are a C-level executive working in an enterprise or governmental agency, your risk profile has gone up.

However, some of the world’s largest corporations have not taken the security measures they need to fully protect their companies and customers.

It is important to recognise that today’s cyber security threats are not a Y2K-type of event, where you spend once to solve a specific issue and see the threat pass. Cyber security threats are rapidly increasing and changing in nature.

The response to these threats must be disciplined, measured and continually improved day-in and day-out.

Companies and governments need to implement digital security technology that is uncomplicated, inexpensive and flexibile. This is the key to keeping pace with constantly evolving threats and cybercriminals intent on exploiting vulnerabilities.

The combined efforts and ongoing dialogue between government bodies, law enforcement leaders and members of the security industry must continue in order to help to restore a level of security that addresses today’s threats.

Copyright © SC Magazine, Australia