An information security blueprint, part 1

Symantec's Francis deSouza lays out the requirements for a more practical way of addressing information security threats

By Francis deSouza, CSO |  Security, Symantec

The recent the Hydraq attacks were the latest example of just how radically the Internet threat landscape has changed over the past few years, and how vulnerable companies and their information stores are to cyber attacks. The attackers were not hackers, they were criminals attempting to steal intellectual property. Hydraq is an example of how cybercrime has evolved from hackers simply pursuing public notoriety to covert, well-organized attacks that leverage insidious malware and social engineering tactics to target key individuals and penetrate corporate networks. Many of today's attacks are highly sophisticated espionage campaigns attempting to silently steal confidential information. This should raise the alarm for companies of all sizes and across all industries, as information is a business' most valuable asset. Information not only supports business, it also enables and helps drive it in a global marketplace in which having the right information at the right time can mean the difference between profitability and loss.

Also see Information Security Management: The Basics

However, while information security has never been more important, it has also never been more challenging. Businesses have more information to protect at more points against more threats than ever before. In such an environment, businesses can build an effective defense only after they first understand the peculiarities of today's threat landscape and then identify their own specific areas of vulnerability. Armed with this information, organizations can then develop an information security blueprint that is right for them--one that is comprehensive, proactive, enforceable, and manageable.

More Threats, More Complexity

Today's headlines are rife with accounts of information security threats and data breaches, and this alarming trend is clearly borne out in statistics as well. For example, in 2009, Symantec identified more than 240 million distinct new malicious programs, a 100 percent increase over 2008.


Originally published on CSO |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness