Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Connected Government
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
Monday - Friday, 6-9 a.m.
Hosts Tom Temin and Emily Kopp bring you the latest news affecting the federal community each weekday morning, featuring interviews with top government executives and contractors. Listen live from 6 to 9 a.m. or download archived interviews on our daily show blogs.
X-Force: cyber attack trends are worrisome
Tuesday - 8/31/2010, 2:27pm EDT
Cybersecurity risks are like fruit flies. There are tons of them, and they constantly mutate. IBM's X-Force keeps a constant eye on cyber threats, including the reported vulnerabilities in published software.
The latest X-Force report found four emerging megatrends, according to IBM's vice president of security strategy, Kris Lovejoy.
- There's a new complexity in malware, Lovejoy said. Strains are now more resilient, self modifying and incrypted.
- There's a growing threat to online services, both to users and the industry. Lovejoy said they seem to be targeting new technology, such as level peer-to-peer and Voice over IP. There's also been an increasing threat to the financial sector, Lovejoy said.
- The market for software flaws has gotten bigger. There's a marketplace for bartering inside knowledge for tools for cybercrime
- There's a heightened threat to critical infrastructure, one that's enough to keep Lovejoy awake at night, because traditional protective measure currently in place just aren't enough anymore she said.
Lovejoy said that there should be better security as companies design an application, software, or network; the cost of finding and modifying a security vulnerability in the development phase is $80. If that defect goes to market, Lovejoy explained, companies face at least $7,600 in costs to structural changes, not to mention any financial casualties, and the impact to product reputation.
Her advice to companies? Build in security checkpoints into the development process, and make updating the system automated to eliminate the scope for human error.
This interview was part of today's Cybersecurity Update. Check out all of Federal News Radio's coverage of cybersecurity issues here.