Blended threats need an intelligent response, exec says

IT security threats will become more widespread and sophisticated in 2003, and end users will have to lift their game in order to contain those threats, according to Piti Pramotedham, managing director, Asia South, for Computer Associates International Inc.

“In an era when companies are connected to the outside world, they spend money on security to protect their brand and their image as a trusted partner, he said at the Asia-Pacific IT Forum here Tuesday. “It is important to recognize that good security is an enabler of business nowadays.”

Opportunities for security threats in 2003 will come from:

– shrinking IT budgets

– greater use of wireless LANs

– greater use of Web services

– more sophisticated blended attacks which combine several attack methods.

Many of the problems stem from the reactive nature of security measures taken by many companies, according to Pramotedham.

“(The attitude of many users is) I’ll use more money, more technology and if I find a hole I’ll bandage it,” he said. “But even with double firewalls and other technology it is impossible to plan for an attack you’ve never seen before.”

In real life, security isn’t usually a cleanly architected defense in depth, but more of a jungle, with disparate security products working independently of one another and providing alerts of different.

“How many companies buy their security gear from a single vendor? None. There is an information overload and it becomes hard to separate the signal from the noise,” Pramotedham said. “Companies must integrate and normalize their security alerts.”

The cost of providing unified security management is high, because of the large volume of data involved, but is a necessary expense in order to improve security, according to Pramotedham.

“We need to slow the security process down so that humans can deal with it,” Pramotedham said. “It is humans who catch other humans, not machines