New security challenges are emerging that are beyond the capabilities of
run-of-the-mill security solutions
Looking back at the past year, it is evident that the security arena has undergone dramatic changes. Ever evolving spyware and malware have grown in complexity and sophistication. Attackers have been using innovative methods of finding vulnerabilities in applications and networks.
Over and above attacks and increasing discovery of vulnerabilities, there is a dogging issue in compliance and regulatory requirements that are becoming more and more stringent. As Indian enterprises play in the global marketplace, adhering to global standards have become mandatory. Thus enterprises are taking a lot more interest in security initiatives than ever before.
On similar lines, the discussion continued during the recently held NASSCOM security conclave at Mumbai, where President, Som Mittal and Chairman, Dr Ganesh Natarajan expressed their views on importance of information security as a boardroom strategy. Says Mittal, “Security is no more a competitive edge, but mandatory for enterprises today. One of the key aspects companies are forgetting to address is the issue of HR in their security strategy.”
New developments are underway, including steep rise in scope and severity of cyber crime activities. We have seen a dramatic increase in data-breaches not only to individuals but also reputable organisations. Government sponsored espionage is also not unheard of. All of these have given birth to new security challenges that are beyond the capabilities of run-of-the-mill security solutions.
Says Alan Paller, a security expert and Research Director at SANS, “The state of cyber crime across the world is beyond imagination. Cyber crimes are not what used to be. Today it is a multi-million dollar industry that uses technology prowess to extort, steal money from businesses and individuals.”
Worldwide Threat Landscape
The growth rate in vulnerabilities and malware has doubled in 2007 compared with 2006, according to McAfee Avert Labs data. The National Institute of Standards and Technology and the Computer Emergency Response Team Coordination Center have seen a rapid increase in vulnerabilities in recent years.