HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED 14 MINUTES AGO.
You are here: Home / Customer Data / Human Element Overlooked in Security
Neustar, Inc.
Protect your website & network using real-time information & analysis
www.neustar.biz
Human Element Overlooked in Security, HP Expert Says
Human Element Overlooked in Security, HP Expert Says
By Adam Dickter / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
FEBRUARY
28
2014

Want to protect your data and make your enterprise more secure? Invest more in human resources than in technology, think like the bad guys, and redefine success in the war against cybercrime. That's some of the advice shared this week at the RSA Security Conference by Art Gilliland, Hewlett-Packard's senior VP for Software Enterprise Security Products.

Gilliland told some of the 25,000 attendees at the RSA conference in San Francisco's Moscone Center that his company's research shows that too many businesses rely excessively on software and hardware to protect their systems. Meanwhile, they skimp on safe practices by smart managers.

"We are over-invested in product," he said.

Rather than chase "silver bullets," he said, companies must invest in a trifecta of "people, process and technology." Companies that did so have seen 21 percent better returns on their investment and saved an average $4 million more than other companies.

Invest In Compliance

Based on assessments of 96 companies globally, HP found that most spent 86 percent of their security budget trying to block threats at the infiltration stage. Meanwhile, personnel had a minimalistic "check box" approach toward security practices and policies.

"Almost a quarter of the people implementing this strategy failed to meet the minimum security standards they set for themselves," he said. "They are aspiring toward the low bar of compliance. And, 30 percent failed to even meet compliance."

The war against hackers might seem like a lost cause since spending on defensive measures last year went up 20 percent, while damage from cyber criminals increased 30 percent, Gilliland said.

But he countered that the good guys and bad guys are held to different standards.

"There is a structural imbalance in our industry," said Gilliland in his address, which was recorded for viewing on RSA's Web site. "For us to define success, we need to be right every time, we need to be perfect. For the adversary to define success, he only has to be right one time." Give up looking at the war as a zero sum game, he said, because companies block the vast majority of threats.

Understand Your Enemy

Gilliland also said it is important to realize that criminals use the same methods and processes as anyone else to do their work. Only their motivation is different. So it's crucial to understand how their marketplace looks and works.

He detailed the layers of the "attack lifecycle," beginning with those who research and profile networks and systems, then put out feelers to sell that profile to someone else. The next person buys those profiles and uses them "either to understand what kind of toolkits to build or to trick us to break into the network through a bunch of access points," Gilliland said. Those access points can then be mapped and sold to someone else.

In the final step, the hacker accesses information, either to steal or destroy it. He noted that the data security industry spent $46 billion last year to protect itself from the rising level of threats.

Those threats made this year's RSA Conference the biggest in its 21-year history in terms of participants, exhibitors and speakers.

"Data security has been a prevalent theme this year," said John Shier, a security adviser with Sophos, in an e-mail from the conference. "The combination of the NSA revelations [about monitoring civilians] and the data breaches has meant that more people are looking for ways to protect their data, regardless of whether it's the supposed 'good guys' or the crooks that are trying to get their hands on it."

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.
MORE IN CUSTOMER DATA
Product Information and Resources for Technology You Can Use To Boost Your Business

ENTERPRISE HARDWARE SPOTLIGHT
Making a major change to its usually staid design philosophy, HP unveiled an all-in-one PC with built-in projector and surface-enabled touch, designed to make 3D scanning and printing easy.
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.