June 01, 2012
Debate

Debate: Sharing security data is the best way stifle cyber criminals

FOR

Conrad Constantine, research engineer, AlienVault 

Open information sharing develops an intrinsic capacity for intelligence and sustainable security practices within the fabric of business itself, freeing us from an artificial reliance on the business model of any particular vendor. Just as true scientific progress is robbed of the ability to make unintended discoveries when data is held behind a paid curtain, we cheat ourselves of the providence of progress via pure research in the field. The nature of the “information age” leaves no business an island. Being less insecure than your competition is an illusion of competitive advantage. Individually, nobody knows all the pieces to the puzzle, while collectively we hold most of them. When a few organizations hold all the cards, government regulation is inevitable. Our failure to realize our obligation to share intelligence and take a collective stand is why the Cyber Intelligence Sharing and Protection Act (CISPA) is the regulation we deserve, not desire. We can either make efforts to change our approach to defense, or continue to let our misery be monetized.

CON

 Abe Getchell, principal consultant, Cyber Security Professionals

Implementation of often-ignored basic countermeasures is a more effective way to protect critical information. The majority of recent, impactful security breaches could have been prevented by implementing these measures to protect information and systems considered critical to their respective organizations. These countermeasures, such as encryption of sensitive information in various formats and ongoing user-awareness training programs, are a few examples of universal best practices widely regarded as “the basics.” Every organization that conducts business on the internet is at risk, and threat agents will do the bare minimum to achieve their goals. Implementing basic countermeasures as a comprehensive approach to security will raise the bar for threat agents, increase their cost of doing business, and reduce their ROI. Basic security controls are usually effective enough to counter most threats. It is only when organizations have a handle on the basics can the full value of shared intelligence be realized. 

From the June 2012 Issue of SCMagazine »
Related Articles
Related Topics
close

Next Article in Opinions

Sign up to our newsletters

More in Opinions

Spotting the "black swans" of security

Spotting the "black swans" of security

How can it be that firms can feel confident in their security technology investments and their people, yet ultimately still believe that they remain at great risk?

Me and my job: Blake Frantz, Center for Internet Security

Me and my job: Blake Frantz, Center for ...

A brief Q&A with Blake Frantz, director of benchmark development, security benchmarks division, Center for Internet Security (CIS).

BlackBerry back in the game

BlackBerry back in the game

Thanks to BYOD, gone are the days of one single mobile device manufacturer or model to support, says Dimension Data Americas' Darryl Wilson.