Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
Monday - Friday, 6-9 a.m.
Hosts Tom Temin and Emily Kopp bring you the latest news affecting the federal community each weekday morning, featuring interviews with top government executives and contractors. Listen live from 6 to 9 a.m. or download archived interviews on our daily show blogs.
X-Force: cyber attack trends are worrisome
Tuesday - 8/31/2010, 2:27pm EDT
Cybersecurity risks are like fruit flies. There are tons of them, and they constantly mutate. IBM's X-Force keeps a constant eye on cyber threats, including the reported vulnerabilities in published software.
The latest X-Force report found four emerging megatrends, according to IBM's vice president of security strategy, Kris Lovejoy.
- There's a new complexity in malware, Lovejoy said. Strains are now more resilient, self modifying and incrypted.
- There's a growing threat to online services, both to users and the industry. Lovejoy said they seem to be targeting new technology, such as level peer-to-peer and Voice over IP. There's also been an increasing threat to the financial sector, Lovejoy said.
- The market for software flaws has gotten bigger. There's a marketplace for bartering inside knowledge for tools for cybercrime
- There's a heightened threat to critical infrastructure, one that's enough to keep Lovejoy awake at night, because traditional protective measure currently in place just aren't enough anymore she said.
Lovejoy said that there should be better security as companies design an application, software, or network; the cost of finding and modifying a security vulnerability in the development phase is $80. If that defect goes to market, Lovejoy explained, companies face at least $7,600 in costs to structural changes, not to mention any financial casualties, and the impact to product reputation.
Her advice to companies? Build in security checkpoints into the development process, and make updating the system automated to eliminate the scope for human error.
This interview was part of today's Cybersecurity Update. Check out all of Federal News Radio's coverage of cybersecurity issues here.