The number of known data breaches just keeps piling up over the years, but consumers that have had their personally identifiable information lost or stolen are finding that lawsuits arent generally effective, Granick pointed out. She also said that the law expects to see a standard of care of a reasonable person, but there theres little formal consensus on that in computer security and among security experts, who often leave people mystified by what theyre talking about.
The panel turned a bit argumentative when it came to discussing Stuxnet and Flame, now believed to be cyber-weapons created by the U.S. with Israel, with President Obama secretly ordering an attack on an Iranian facility suspected of trying to develop nuclear weapons.
Moss said the cyberattack can be seen as a better military alternative to blowing things up and killing people. But Ranum indicated he didnt buy that argument, that its still an attack, whether it happens against the DoD or Iran. These attacks still involve going through civilian infrastructure it was pointed out, and Granick even called it a crime against humanity.
On the question of whether security will be better or worse in the future, Moss said, Well get better at running, and at that Schneier responded, The bad guys will always run faster.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: firstname.lastname@example.org.
Read more about wide area network in Network World's Wide Area Network section.