Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
Information Technology News
Automated security a recipe for disaster, experts say
Friday - 4/6/2012, 10:00am EDT
"The security industry has a tendency of moving something from having smart people to dumb processes. … Big data is not going to save you it's the people examining your big data that are going to save you," said Marcus Ranum, chief security officer of Tenable Network Security, at the 2012 InfoSec World Conference in Orlando.
Ranum was joined in a panel discussion by security experts Chris Nickerson, founder of Lares Consulting in Denver; and Alex Hutton, the director of operational risk at a financial institution.
Nickerson criticized CISOs who fail to customize compliance standards and other protection systems without taking into account the way their companies do business.
"We've failed at learning the general rules of battle, and we're now protecting things based on someone's standard instead of knowing our boundaries and what we can and can't do to protect those things to the best of our ability," Nickerson said.
While the panelists railed against the shortcomings of many security professionals in protecting their companies' systems from cyber attacks, they did point to some professionals who were changing their counter-threat operations.
Hutton pointed to company that has successfully linked nearly all of its systems to its data warehouse, essentially changing its IT staff into a team of counter-threat operators.
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.