Security can learn from medical practice
The IT security industry should take a leaf from the medical environment's book if it is to emerge from the current threats it is exposed to.
So said Gabi Reish, head of product management at Check Point Software Technologies, in a keynote address at the ITWeb Security Summit, at the Sandton Convention Centre yesterday.
In his presentation, themed “Strong Security in a Vulnerable World”, Reish noted that it is through global collaboration that the medical industry managed to contain the H1N1 virus, which had claimed close to 60 000 lives.
However, he noted that, in the IT world, organisations are reluctant to share information about security breaches and the “bad guys” will always use this to their advantage.
In the cyber world, he explained, information sharing takes a lot of time. “Let's use the concept of collaboration, which has become necessary for survival.
“Many of the organisations that suffer breaches are not sharing information and that should be the best way to defend ourselves. In a recent study, it was noted that 85% of the breaches took weeks or more to discover because information was not shared. At the end of the day, each organisation is capable of identifying threats.”
He also revealed that, since attacks have become co-ordinated, the industry also needs to take a consolidated approach as a defence strategy.
Many of the organisations that suffer breaches are not sharing information and that should be the best way to defend ourselvesGabi Reish, head of product management at Check Point Software Technologies
“Organisations need to take a multi-layered consolidation approach, since attacks also constitute multiple vectors.”
He pointed out that a consolidated approach enables organisations to see what is happening to the enterprise from a single view.
Reish also spoke against the tendency of many organisations to respond to attacks by adding more security.
“We should ask ourselves if this strategy is working or not. According to research done this year, 12% of CIOs are less confident in the security effectiveness of their systems compared to 2009.”
He also revealed that the main sources of vulnerability lie with humans as well as the technology they use.
“We use millions of lines of code, which are very complex, and this opens up vulnerabilities,” he said. “There are also millions of machines that we are using today, for example iPads and laptops, which also give room to vulnerabilities.”
He further urged organisations to beef up their security and, at the same time, not compromise business in doing so.
“IT security departments should engage with the end-users, as they are bringing lots of devices to the organisations. Though this brings a burden to security, policing the end-users usually results in stopping business operations.”
Thus, he explained, organisations' security has to be based on trust, which he said can only be achieved by supporting user needs.
“The policies have to be readable and understandable as well as reasonable and practical,” Reish concluded.