2008 In Review
If any day would be the right day to start a Blog on cyber security, it would be today. Today has been declared as National Data Privacy Day. The United States House of Representatives has approved a bill declaring today National Data Privacy Day. Now more than ever we are going to see more organizations involved, becoming aware and preaching on privacy.
There have been many changes, mostly for the good in how personal data is handled, laws both on the State and Federal levels have been ratified. California seems to have taken the lead while other States are forced into finally doing something.
In 2008 we have seen a 47% increase in data breaches over 2007. You have to ask, Why is that? There are many factors I believe driving the surge in cyber crimes but you need to first break down what dynamics we have seen taking place over the last five or so years.
I believe that most companies if not all now have networks as part of the public internet. Yes, some would argue that companies networks are connected to the internet but are "Protected" by firewalls. Firewalls have been around for how many years? Let's face it, hackers and cyber criminals have long figured out means of getting by or blowing through a firewall. What needs to happen in this companies is a fundamental change in the way they provide data and employee protection both from outside and inside threats.
The term Blended or Defense in Depth approach is used by some of the industry experts including myself. I truly believe in order to pro-actively protect/defend your network and data, companies must deploy more than a single technology to defend it.
As we have witnessed the evolution of networks, we are now realizing that there needs to be an evolution as to how we protect our networks. Traditional technologies of yesteryear no longer will surfice for tomorrow's threats.
Another change we have seen is users blurring their social life, personal life and work life with regards to corporate Internet usage. As harmless as it may seem, some websites and social sites can and sometimes are harmful to a corporation. However the casual user cannot tell that a threat lurks beneath.
We have come to a point that businesses may require technology that can be self monitoring, self healing and provide remediation without human intervention. I see this happening with the newer Third and Fourth generation Intrusion Prevention Solutions Such as Top Layer Secuirty's IPS products. Older IPS that are dependent on signatures alone are now past their prime.
I will write more on the newer security technolgies later in this blog including some of the cyber attacks that have taken place. Nobody is escaping the attacks. It's not just government agencies the hackers are after, they are after any site, server or PC that contains company or personal data that can be used for financial gain or other motivators.
I welcome your views and insights as we build a blog that can be a place others can sign into for guidance and knowledge.
There have been many changes, mostly for the good in how personal data is handled, laws both on the State and Federal levels have been ratified. California seems to have taken the lead while other States are forced into finally doing something.
In 2008 we have seen a 47% increase in data breaches over 2007. You have to ask, Why is that? There are many factors I believe driving the surge in cyber crimes but you need to first break down what dynamics we have seen taking place over the last five or so years.
I believe that most companies if not all now have networks as part of the public internet. Yes, some would argue that companies networks are connected to the internet but are "Protected" by firewalls. Firewalls have been around for how many years? Let's face it, hackers and cyber criminals have long figured out means of getting by or blowing through a firewall. What needs to happen in this companies is a fundamental change in the way they provide data and employee protection both from outside and inside threats.
The term Blended or Defense in Depth approach is used by some of the industry experts including myself. I truly believe in order to pro-actively protect/defend your network and data, companies must deploy more than a single technology to defend it.
As we have witnessed the evolution of networks, we are now realizing that there needs to be an evolution as to how we protect our networks. Traditional technologies of yesteryear no longer will surfice for tomorrow's threats.
Another change we have seen is users blurring their social life, personal life and work life with regards to corporate Internet usage. As harmless as it may seem, some websites and social sites can and sometimes are harmful to a corporation. However the casual user cannot tell that a threat lurks beneath.
We have come to a point that businesses may require technology that can be self monitoring, self healing and provide remediation without human intervention. I see this happening with the newer Third and Fourth generation Intrusion Prevention Solutions Such as Top Layer Secuirty's IPS products. Older IPS that are dependent on signatures alone are now past their prime.
I will write more on the newer security technolgies later in this blog including some of the cyber attacks that have taken place. Nobody is escaping the attacks. It's not just government agencies the hackers are after, they are after any site, server or PC that contains company or personal data that can be used for financial gain or other motivators.
I welcome your views and insights as we build a blog that can be a place others can sign into for guidance and knowledge.
posted by Ken Pappas, President at
12:48 PM
0 Comments
