Author: Joe Barr
Paul Simmonds, Global Information Security Director, ICI, gave the keynote speech entitled “This Decade’s Security Challenge.” Simmonds’ message might be startling to some. Boiled down to its essence, Simmonds says to forget perimeter defenses. We’ve lost that war. It’s over. It doesn’t work. the answer is to bring the defenses into close proximity with the data being protected. Guard the goodies, not the border. Unfortunately, that’s not as easy as it sounds.
Firewalls? Forget them. What corporations are doing today, Simmonds says, is installing Windows desktops with all ports open, plopping them behind a firewall, and feeling secure. They’re not. IDS at the edge? To borrow his own analogy, they make just as much sense as scanning passengers getting off a train at the station, hoping to spot someone who might be coming to rob your home.
Simmonds admits we are years away from being able to “de-perimiterize” defenses, but insists that a good design for data security must work whether there are firewalls in place or not. In the meantime, start moving all your Internet connections to secure protocols, start looking for portable, interoperable file security which provides the same user-specific permissions as the data moves from one machine to the next, and don’t leave ports open that you don’t need. And do it all using open standards.
Speaking of open standards, Simmonds is also heavily involved in The Jericho Forum, made up of corporate IT security professionals who believe that an Oracle security solution, or a Microsoft solution, or a Sun solution is not good enough. The Jericho Forum is “dedicated to the development of open standards to enable secure, boundaryless information flows across organisations.”
Following the keynote, the crowd spilled out of the conference room and scattered to one of five different locations for the next hour’s sessions. The Blackhat Briefings not only have a record crowd this year, but a record number of presenters and sponsors. There are five concurrent sessions each hour, all day. It’s busy.
More to come…
Category:
- Security