Shows & Panels
- Accelerate and Streamline for Better Customer Service
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Client Virtualization Solutions
- Data Protection in a Virtual World
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Feds in the Cloud
- Health IT: A Policy Change Agent
- IT Innovation in the New Era of Government
- Making Dollars And Sense Out of Data Center Consolidation
- Navigating the Private Cloud
- One Step to the Cloud, Two Steps Toward Innovation
- Path to FDCCI Compliance
- Take Command of Your Mobility Initiative
Shows & Panels
Information Technology News
Automated security a recipe for disaster, experts say
Friday - 4/6/2012, 10:00am EDT
"The security industry has a tendency of moving something from having smart people to dumb processes. … Big data is not going to save you it's the people examining your big data that are going to save you," said Marcus Ranum, chief security officer of Tenable Network Security, at the 2012 InfoSec World Conference in Orlando.
Ranum was joined in a panel discussion by security experts Chris Nickerson, founder of Lares Consulting in Denver; and Alex Hutton, the director of operational risk at a financial institution.
Nickerson criticized CISOs who fail to customize compliance standards and other protection systems without taking into account the way their companies do business.
"We've failed at learning the general rules of battle, and we're now protecting things based on someone's standard instead of knowing our boundaries and what we can and can't do to protect those things to the best of our ability," Nickerson said.
While the panelists railed against the shortcomings of many security professionals in protecting their companies' systems from cyber attacks, they did point to some professionals who were changing their counter-threat operations.
Hutton pointed to company that has successfully linked nearly all of its systems to its data warehouse, essentially changing its IT staff into a team of counter-threat operators.
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.