How to limit the damage from hackers


When thousands of security professionals and exhibitors gather each year in San Francisco for the annual RSA Conference, the mood typically is one of hope and promise. Keynotes, session tracks and vendor pitches traditionally promote the ideal that, while today’s adversaries are worthy, cunning and deep-pocketed, they can be kept at bay with the right combination of people, policies and processes.

But just days before this year’s installment was set to open in February, hackers infiltrated the network of HBGary Federal to expose the sometimes-embarrassing email communications of the security services firm and its sister company, HBGary. The incident certainly placed a damper on the proceedings in the City by the Bay.

“I think people expect basic companies to which security is not core to be more vulnerable,” says Josh Corman, a research director at the 451 Group. “But I think that was a smack to the head to say security companies are potentially as prone to attack. It got very real, very quickly.”

The news didn’t get any cheerier after the conference closed, with revelations that at least two other high-profile security firms, RSA and Comodo, sustained precision attacks that, at the very least, demonstrated the ease with which criminals can claim proprietary information that doesn’t belong to them.

Which all begs the question: Is today’s security model fundamentally broken? Some experts believe it is.

But the more pressing question may be: Should organisations housing valuable assets accept the inevitable – that their systems will be successfully penetrated, if they haven’t already – and instead face their fate by focusing efforts around limiting the damage and forcing the attacker to expend more resources than they would like?

It is a difficult question to answer “no” to, especially considering recent developments (including email marketing firm Epsilon’s massive breach), and going back to last year’s stealthy “Aurora” compromises, in which Google and a number of other Fortune 100s were successfully penetrated by what has come to be known as the advanced persistent threat.

Copyright © 2010 Computing