Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- Value of Health IT
Shows & Panels
Information Technology News
Automated security a recipe for disaster, experts say
Friday - 4/6/2012, 10:00am EDT
"The security industry has a tendency of moving something from having smart people to dumb processes. … Big data is not going to save you it's the people examining your big data that are going to save you," said Marcus Ranum, chief security officer of Tenable Network Security, at the 2012 InfoSec World Conference in Orlando.
Ranum was joined in a panel discussion by security experts Chris Nickerson, founder of Lares Consulting in Denver; and Alex Hutton, the director of operational risk at a financial institution.
Nickerson criticized CISOs who fail to customize compliance standards and other protection systems without taking into account the way their companies do business.
"We've failed at learning the general rules of battle, and we're now protecting things based on someone's standard instead of knowing our boundaries and what we can and can't do to protect those things to the best of our ability," Nickerson said.
While the panelists railed against the shortcomings of many security professionals in protecting their companies' systems from cyber attacks, they did point to some professionals who were changing their counter-threat operations.
Hutton pointed to company that has successfully linked nearly all of its systems to its data warehouse, essentially changing its IT staff into a team of counter-threat operators.
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.