Thursday, June 23, 2011

The Code War | Forrester Blogs

Excerpt from a stark security reality check by George Colony

The problem for you is that this quiet war will injure many innocent bystanders -- corporations whose systems are breached by the highly complex new attack technologies. Instead of employing a smash-and-grab audacious approach, the attackers are increasingly utilizing a "low and slow" attack methodology, gathering sensitive information over weeks or months. Increasingly these hackers are targeting intellectual property that companies and governments have built over decades. Google, Northrop Grumman, and Siemens have recently been caught in the cross-fire, and some have said that RSA, a subsidiary of EMC, may not be able to survive as a business given the breach of its core system.

You should be aware of two factors: 1) the frequency of attacks are about to increase, and 2) the attacks will become increasingly sophisticated -- most likely beyond the skills and capabilities of your security staff. You can prepare by taking three actions: 1) Ask your CIO for an assessment of current security capabilities and have him build a contingency plan, 2) Engage CEOs of companies in your sector and work to build mutual protections, and 3) Prepare to ask your federal government for assistance. Collective action and data sharing will be an important survival strategy as the Code War rages...

The Code War | Forrester Blogs

Post a Comment