The changing face of security
more and more sensitive data is stored online, and is easier to access, the
need for both protection and enforcing data access increases. Ross Wilson,
Managing Director, South Asia, RSA Security speaks to Deepali Gupta.
Which verticals or category of businesses are most vulnerable?
All industry verticals are vulnerable, but obviously those that have sensitive
and valuable data make the best targets. Some examples are BFSI companies, telcos,
pharmaceutical companies, and governments.
How are any new threats different from the existing ones?
The main difference is that the new threats are driven by the promise of financial
return through theft or fraudand money is a great driver. The perpetrators
are more likely to spend more time and effort, and be more focussed if there
is the potential of monetary gain.
Are the current security solutions insufficient?
Each system and company has different security needs. Given
that there is no such thing as 100% security (at least for an accessible system)
the more pertinent question would be, are most people applying the appropriate
security for their needs? The answer to that is, almost certainly, no.
A lot of time and money is spent on perimeter security (firewalls),
but little is done about ensuring proper authentication of users. If a hacker
signs on with a stolen password he or she will be awarded all the rights of
a genuine user-all the security in the world can't stop that, as the system
is only obeying orders!
What are the features of the new solutions?
They will be dynamic and flexible and there should be a focus
on Identity Management to ensure that only the right people have access in the
first place. Strong authentication will remain the essential foundation for
any identity and access management solution.