Shows & Panels
- Accelerate and Streamline for Better Customer Service
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Client Virtualization Solutions
- Data Protection in a Virtual World
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Feds in the Cloud
- Health IT: A Policy Change Agent
- Improving Healthcare Outcomes through IT Policy
- IT Innovation in the New Era of Government
- Making Dollars And Sense Out of Data Center Consolidation
- Navigating the Private Cloud
- One Step to the Cloud, Two Steps Toward Innovation
- Path to FDCCI Compliance
- Take Command of Your Mobility Initiative
- Veterans in Private Sector: Making the Transition
Shows & Panels
X-Force: cyber attack trends are worrisome
Tuesday - 8/31/2010, 2:27pm EDT
Cybersecurity risks are like fruit flies. There are tons of them, and they constantly mutate. IBM's X-Force keeps a constant eye on cyber threats, including the reported vulnerabilities in published software.
The latest X-Force report found four emerging megatrends, according to IBM's vice president of security strategy, Kris Lovejoy.
- There's a new complexity in malware, Lovejoy said. Strains are now more resilient, self modifying and incrypted.
- There's a growing threat to online services, both to users and the industry. Lovejoy said they seem to be targeting new technology, such as level peer-to-peer and Voice over IP. There's also been an increasing threat to the financial sector, Lovejoy said.
- The market for software flaws has gotten bigger. There's a marketplace for bartering inside knowledge for tools for cybercrime
- There's a heightened threat to critical infrastructure, one that's enough to keep Lovejoy awake at night, because traditional protective measure currently in place just aren't enough anymore she said.
Lovejoy said that there should be better security as companies design an application, software, or network; the cost of finding and modifying a security vulnerability in the development phase is $80. If that defect goes to market, Lovejoy explained, companies face at least $7,600 in costs to structural changes, not to mention any financial casualties, and the impact to product reputation.
Her advice to companies? Build in security checkpoints into the development process, and make updating the system automated to eliminate the scope for human error.
This interview was part of today's Cybersecurity Update. Check out all of Federal News Radio's coverage of cybersecurity issues here.