The HiWired Blog

« Bad news on the Vista front | Main | PcCillin passes »

May 10, 2006

Security failure alert

Noam Eppel of Vivica info writes a scathing review of computer security that doesn't reflect well on those who protect:


It is time to admit what many security professional already know: We as security professional are drastically failing ourselves, our community and the people we are meant to protect. Too many of our security layers of defense are broken. Security professionals are enjoying a surge in business and growing salaries and that is why we tolerate the dismal situation we are facing. Yet it is our mandate, first and foremost, to protect.

He raises a point I've made before when discussing the reasons:

Cyberspace's digital battlefield heavily favors the cyber criminal. A cyber-criminal only needs to identify a single vulnerability in a system's defenses in order to breach its security. However, information security professionals need to identify every single vulnerability and potential risk and come up with suitable and practical fix or mitigation strategy. Furthermore, the freedom, privacy and anonymity cyberspace offers, gives cybercriminals the opportunity and confidence to target victims around the world with little chance of being caught.

He says solutions will be offered in part two. It should make interesting reading.

Posted by Peter at May 10, 2006 11:53 AM

Comments

© 2007 HiWired Inc. All rights reserved.

The information in this blog is provided “AS IS” with no warranties, and confers no rights. This blog does not represent the thoughts, intentions, plans or strategies of our employer (HiWired, Inc.). It is solely, the bloggers’ personal opinions. Inappropriate comments will be deleted at the authors discretion. All technical solutions are provided “AS IS” without warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.