As I view the landscape of emerging technologies, such as mobile devices, smart electrical grids and my current passion - cloud computing, it is apparent to me that innovation has not made common cause with security, and likely never will.
I started reading SC Magazine over 15 years ago, pre-Haymarket, when I started my journey in the information security industry. Back then it was a small publication that gave users and vendors direct insight into emerging security technology, alerts and products.
As the complexity factor increases, requirements for security architects will be paramount. As more services are provided by partners accessing them via the extranet, the need for identity management, the ability to attest to the authenticity of the data, and the security of the environment will be a challenge.
In the last twenty years, the internet has made everyone equidistant. Today's technology-savvy crooks do not have to be physically near their victims; they may remain comfortable hundreds or thousands of miles away while they act. Through automation, they can perform reconnaissance on a large number of targets within minutes. They also don't have to take the time to physically carry cash and instead rely on electronic transfer.
Twenty years ago, IT security was just an afterthought at the bottom of everyone's priority list. The mischief that ensued was primarily for bragging rights and personal satisfaction. As businesses have transitioned to conducting 99+ percent of their essential functions electronically, the motivation has also shifted from egotistical to monetary. To say that IT security practices have not kept pace is an understatement.
During the past two decades malware has evolved significantly and has continuously raised the bar in terms of sophistication and pervasiveness.
Looking to where we are today, the biggest change is the convergence of security, privacy and data stewardship. No longer does the security professional need to consider intrusions, but the boarder impact of data governance, consumer rights as well as regulatory obligations.
One could look at a wide view of information security and see numerous events, applications and incidents that could be defined as catalyst for critical changes in information security. However, I believe that the overarching critical evolution is in the formalized development of the field of information assurance (IA)/security.
SC Magazine Articles
- Blasphemy! Godless malware preys on nearly 90 percent of Android devices
- 'Password attacks' continue; Citrix becomes latest victim
- Guccifer 2.0 out - Cozy Bear, Fancy Bear hacked DNC, Fidelis analysis shows
- Acer breach caused by improperly stored data
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- CEO sacked after aircraft company grounded by whaling attack
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought
- No hacking required: Israeli researchers show how to steal data through PC components
- Brexit shakeup: How will the U.K.'s exit from the EU affect the technology sector?
- MIRCOP ransomware blames victim for attack, demands $28K ransom
- CYBERCOM 'reluctant' to cut off Islamic State internet
- Chinese tech professional caught selling secrets
- How 154M U.S. voter records will affect Americans' security - industry reacts