EC-Council, member-based organization that certifies individuals in various information security and e-business skills, has called for developing cyber vaccination programmes via security coding education in a bid to address growing concerns related to Internet security.
EC-Council President Jay Bavisi made the appeal while addressing figures in government, industry, and academia at the US National Security Agency's CISSE Colloquium 2013, held last week.
Bavisi’s keynote address, entitled "The Cyber Security Quagmire: Finding the Panacea”, aimed to elucidate the information security industry’s successes, failures, and future out-of-the-box solutions that can be implemented, using the pharmaceutical industry’s fight against diseases as a model.
“We have unknowingly followed on the same path as the pharma industry. We quarantined our networks from attacks via firewalls, intrusion detection systems, and intrusion prevention systems. When this was insufficient, we introduced cyber hygiene by introducing security awareness programs, which introduced policies, processes, and controls,” he said, adding the next step should be a cyber-vaccine in order to propel the world’s organizations into a more secure future.
Bavisi continued by linking the results of a recent national level secure coding competition being conducted in India with nearly five thousand participants, Code Uncode, to the continuing plague of insecurity. Findings from the Code Uncode competition decisively prove there is a serious lack of knowledge in secure coding practices that could be a causative source of security breaches around the world.