The changing face of security

As more and more sensitive data is stored online, and is easier to access, the need for both protection and enforcing data access increases. Ross Wilson, Managing Director, South Asia, RSA Security speaks to Deepali Gupta.

Which verticals or category of businesses are most vulnerable?

All industry verticals are vulnerable, but obviously those that have sensitive and valuable data make the best targets. Some examples are BFSI companies, telcos, pharmaceutical companies, and governments.

How are any new threats different from the existing ones?

The main difference is that the new threats are driven by the promise of financial return through theft or fraud—and money is a great driver. The perpetrators are more likely to spend more time and effort, and be more focussed if there is the potential of monetary gain.

Are the current security solutions insufficient?

Each system and company has different security needs. Given that there is no such thing as 100% security (at least for an accessible system) the more pertinent question would be, are most people applying the appropriate security for their needs? The answer to that is, almost certainly, no.

A lot of time and money is spent on perimeter security (firewalls), but little is done about ensuring proper authentication of users. If a hacker signs on with a stolen password he or she will be awarded all the rights of a genuine user-all the security in the world can't stop that, as the system is only obeying orders!

What are the features of the new solutions?

They will be dynamic and flexible and there should be a focus on Identity Management to ensure that only the right people have access in the first place. Strong authentication will remain the essential foundation for any identity and access management solution.