The Sad And Increasingly Deplorable State Of Internet Security, Revisited
By Lisa Phifer and David Piscitello
Published June 2007; Posted August 2007
Abstract:
Is your organization part of the problem, or part of the solution?
In the February 2003 issue of BCR, we claimed that, “overall, Internet security
really is in horrible shape.” We were convinced by computer crime statistics,
incident reports and our collective experience that the security technology
deployed to date had not proven effective. In fact, incident frequency and cost
were increasing at an alarming rate, despite the fact that most organizations
were claiming to have deployed state-of-the-art security defenses.
In our 2003 article, we also predicted that security would worsen before it
improved. We cited insecure operating system (OS) and network architectures,
lame authentication, poor software engineering, lax security management and
creeping featurism as principal root causes for this “fall from security grace.”
We concluded with a measure of hope, however, suggesting that feature moratoria,
software reliability agreements, administration improvements and perhaps more
regulatory influence could improve Internet security.
Now, four years later, BCR has again invited us to comment on the state of
Internet security. Overall, we find that while security threats have evolved,
the root causes of security vulnerability haven’t changed, and they are still
being ignored in favor of “quick fixes” to ease security symptoms. Although most
of our 2003 advice hasn’t been taken, progress is being made in a number of
areas, including more secure operating systems and protocols, unified threat
mitigation and identity-based network access controls.
About the authors:
Dave and Lisa own Core Competence, a network security technology consulting firm focused on emerging technologies and best practices.
This article is reproduced by special arrangement with our partner, Business Communications Review.