Challenges for I.T. Engineers : cyber attacks and data security
--------------------------------------------------------------------------------
From a corporate perspective, experts say the required response to these threats has two sides. The first is protecting IT infrastructure, meaning the systems, hardware, software and networks used by an organization. The second involves protecting the actual information or data that is supported by that infrastructure, whether the information is in motion, in use or in storage. Complicating those efforts, however, is the need to protect the business environment while ensuring that employees have access to the information and services they need to do their jobs.
-----------------------------------------------------------
"We have witnessed companies going under, or being severely hit, due to a single untoward event. As a result, how to better manage and finance extreme events is now a question discussed by many more board of directors than five or 10 years ago."
( reminded me of ' Black Swan' by Nassim Nicholas Taleb)
--------------------------------------------------------------------------
"What has changed is that both companies and hackers have grown sophisticated. So the good news is that most security software will protect us from the most basic threats, which was not the case in the past. But the bad news is that malware and viruses have become more sophisticated, so even advanced users can fall prey to them."
----------------------------------
Experts say that the recent attacks on information security suggest at least three things: First, that hackers increasingly know exactly what they want, while their targets often struggle to understand the threat or where it is coming from. Second, that attackers continue to rapidly develop new ways to access what they want, and as a result, the threats can come from anywhere. (For example, The New York Times disclosed this year that hackers were trying to use online advertising on the newspaper's own website to disseminate malware.) Finally, observers believe that almost everyone and every company ultimately is at risk, a result of today's highly networked global economy and communications infrastructure
---------------------------------------------------------
Here, monitoring and controlling access to information become even more challenging, as systems must be able to work both in-house and virtually, especially in cases of multi-tenant systems, where several companies or accounts may have sensitive information managed by a single server. CIO magazine recently reported that 51% of CIOs cited security as the greatest concern surrounding cloud computing.
------------------------------------------------------------
One approach often used in military scenario-planning exercises, for example, is to split key participants into two teams and run a one-day exercise where one team cooks up potential cyberattacks while the other team designs a response. "You will be surprised by how imaginative your employees can be about what is your true weak link," Michel-Kerjan points out. "Keep in mind here that what can seriously hurt you will not be a 'usual' scenario."
-------------------------------------------------------
From :
http://knowledge.wharton.upenn.edu/article.cfm?articleid=2535
No comments:
Post a Comment