Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Connected Government
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
Information Technology News
Automated security a recipe for disaster, experts say
Friday - 4/6/2012, 10:00am EDT
"The security industry has a tendency of moving something from having smart people to dumb processes. … Big data is not going to save you it's the people examining your big data that are going to save you," said Marcus Ranum, chief security officer of Tenable Network Security, at the 2012 InfoSec World Conference in Orlando.
Ranum was joined in a panel discussion by security experts Chris Nickerson, founder of Lares Consulting in Denver; and Alex Hutton, the director of operational risk at a financial institution.
Nickerson criticized CISOs who fail to customize compliance standards and other protection systems without taking into account the way their companies do business.
"We've failed at learning the general rules of battle, and we're now protecting things based on someone's standard instead of knowing our boundaries and what we can and can't do to protect those things to the best of our ability," Nickerson said.
While the panelists railed against the shortcomings of many security professionals in protecting their companies' systems from cyber attacks, they did point to some professionals who were changing their counter-threat operations.
Hutton pointed to company that has successfully linked nearly all of its systems to its data warehouse, essentially changing its IT staff into a team of counter-threat operators.
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.