Besides the obvious buzz and discussion around the newsworthy NSA security leak and Edward J. Snowden, speakers were defiant in relaying several significant messages to the crowd of security execs. One message which repeated itself throughout the summit was: Cyber War is a real threat, and the “bad guys” are winning.
Hearing industry leaders such as Admiral Michael Mullen and Symantec CEO Steve Bennett describe the cyber war as “good guys vs. bad guys” placed a comic book type spin on this critical issue. But the message was clear, the bad guys are winning. The good guys need to break away from internal competition with one another and join forces, share ideas and collaborate to defeat evil hackers and creators of cyber-crime. Integration efforts need to be a focus of every company – this may come in the form of Open API, shared findings, conferences and even mergers or acquisitions, communication and transfer of information is crucial.
I spoke further on this with a colleague; the security industry has built large silos of expertise and focused insight. The competition between independent companies within a similar cyber security vertical has become so fierce that we often lose sight of the greater picture – how to win the war on cyber-crime. We refrain from sharing information and collaborating on technology, innovation and findings. By working together, we could fill multiple voids between silos and therefore thwart off harmful attacks. At the same time, we can provide cleints with reliable and well-rounded solutions. The hackers (“the bad guys”) consistently leverage technological loopholes between companies to engage in harmful warfare. The answer is work together.
The bad guys are resilient and stubborn. As Marc Spitler, a senior security analyst at Verizon put it, “Never underestimate the tenacity of the attacker.” Cyber activists and criminals will continue to attack with relentless determination. These hackers are highly skilled and have seemingly limitless resources. By working together, sharing ideas and promoting the values of good, we can properly defeat the “bad guys”, but this is a big challenge…we need to begin now.
VP SaaS Operations at Checkmarx
The Gartner Security and Risk Management Summit took place in Washington DC, 10-13 June 2013.
Summit website: http://www.gartner.com/technology/summits/na/security/
Sign up today & never miss an update from the Checkmarx blog
Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.
Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.