“We are trying to secure democratized technology with an unsustainable security model; it’s time to break it and put it back together,” said Wendy Nather, Head of Advisory CISOs for Cisco, in her keynote address at this year’s RSA Conference.
It’s evident that the old ways of building security no longer work, she says. Consider:
Training and security exercises tell individuals not to click malicious links, yet the individuals still do. Maybe that’s because, Nather proposes, it’s unreasonable to expect users to refrain from using the Internet the way it’s designed -- where it’s all about clicking. It would make more sense to build in security so that they could safely click anything.We’re seeing the same security vulnerabilities and mistakes that were designed into web servers years ago now being designed into mobile systems and the Internet of Things (IoT), because different populations are doing the development and haven’t had a chance to learn from past experience.
Security is often “us versus them” or security professionals against users, perpetuating a culture of exclusivity rather than collaborative security.
For security to become more effective, security leaders must flip the script. Nather offers three steps toward doing so.
To read this article in full, please click here
Support the originator by clicking the read the rest link below.
