THE POLL by ProQuest


47% of users share their user ID and password with at least...

More Info
									Debate» Automation of security tasks helps                                                                                                      THREAT OF
                                                                                                                                                THE MONTH
organizations better protect information.
      FOR          Organizations continue to suf-                        AGAINST Let’s start with some prem-
                                                                                                                                                Zimuse worm
                   fer catastrophic data breaches.                                      ises: Security is the absence of
                                                                                                                                                What is it?
                   While the primary solution has                                       unmitigatable surprise. Risk is
                                                                                                                                                With the shift by criminals
                   traditionally been to deploy                                         proportional to dependency.
                                                                                                                                                to making money from
                   ever more exotic and complex                                         The best must never be the
                                                                                                                                                malware, we sometimes
                   security technologies, the                                           enemy of the good.
                                                                                                                                                forget that the old school
                   breaches continue to grow in                                           The consequence of this
                                                                                                                                                virus writers never disap-
Geoff Webb,        frequency and scope. New                             Dan Geer,       thinking is that security auto-
                                                                                                                                                peared. Recently research-
senior manager,
product marketing,
                   security technologies generally                      CISO, In-Q-Tel
                                                                                        mation has its place, but only
                                                                                                                                                ers at ESET discovered a
                   place greater burden on the                          where it substitutes for repetitive drudgery
                                                                                                                                                new worm that spreads
staff that oversee and use it.                                          and/or the tendency of human operators to
                                                                                                                                                through removable media,
   The result? Valuable information becomes                             nod off. Sentient offense means there is noth-
                                                                                                                                                like thumb drives. This
lost in a sea of meaningless noise. Policy that                         ing to automate against – the risk mutates.
                                                                                                                                                one is nasty as it also
would otherwise reduce vulnerabilities goes                             Automated defense requires not mutation,
                                                                                                                                                overwrites the master boot
unenforced. The failure is not the result of                            but pattern recognition coupled to judgment
                                                                                                                                                record of the hard drive.
people, nor any given technology – rather it’s                          – judgment that we would be wise to not fool
a failure of process. Process automation offers                         ourselves into expecting of machines.
                                                                                                                                                How does it work?
the only solution to this self-reinforcing prob-                           Automated defenses eventually become the
                                                                                                                                                The destruction is done
lem. Automating processes associated with                               portals of attack themselves, i.e., the rising tide
                                                                                                                                                by overwriting the first 50
information gathering, event analysis, identifi-                         of trojaned anti-virus. The true danger is not
                                                                                                                                                kilobytes of the hard drive
cation and even remediation provide the best                            in unautomated portions of cyberspace, where
To top