CYBER-GEDDON has been overhyped, but IT security professionals need to find new ways of dealing with the never-ending threats, says Scott McIntyre, chief security officer for Amsterdam-based ISP XS4ALL Internet.
"The sky is not falling, the situation is not as bad as many make out, but we need to accept that the internet has been 'pwned' (compromised or controlled by rivals)," he told the AusCERT 2010 conference on the Gold Coast last week.
"We need to maintain a sense of proportion and adjust our expectations about internet security,"' he said.
"Not everything that happens is a major crisis, you don't need huge cyber bunkers because there's a worm on the network -- this should be your daily routine by now."
Mr McIntyre, who is also a member of the Dutch computer security incident response team KPN-CERT, said the industry was stuck in "a weird loop of going backwards and forwards" on the same issues.
"Too many people are focused on the minutiae of internet security, but security professionals are being trained to sit and wait for the alerts to pop up," he said.
"We look at patterns of data and try to find a signature to fix it, while firewalls and other devices all work really well for the things they know about.
"There's all sorts of evidence of the evil that's out there, but we can't see it and certainly can't respond.
"We are doing a very bad job of anticipating new problems and should be better at expecting the unexpected."
Instead of worrying about the explosion of malware, Mr McIntyre said the industry needed to address human behaviour and provide technologies people would actually use.
Passwords were a failure because people still chose user name and "password", and people continued to click on phishing links.
"A lot of the approaches we're using now have failed," he said. "We need to change how we deal with these problems, as the incidents are not stopping."
Mr McIntyre said industry also needed to take more responsibility in relation to the "Chicken Little" scenario.
"We need to be careful about statements to the press.
"Security researchers go out and say, 'I found this amazing bug, and with a click of the button I can rape the internet'.
"But if you're going to release source code or proof of concept for an exploit you've found, have you already found a defence for it, have you done something responsible, or are you just out for glory?"
Like this post?Why not to Subscribe to Trend Internet Security news by Email for FREE
First time on my blog "Trend Internet Security?" Want to know more about Internet Security? Need some cool advices and modern Trend Internet Security tips&tricks? |
|
Subscribe to blog updates by Email or RSS |
|
Each week you will get a new post with a fresh tip concerning Trend Internet Security. I promise you, my dear reader! Or you will unsubscribe :-) |
Tuesday, May 25, 2010
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment