Trusted IT technologies are failing
Recent high-profile hacks and security breaches are highlighting an urgent need to revisit the way information security is managed. Following a series of high-profile breaches, major information security vendors are conceding that there is little to stop a determined cyber criminal from breaching security and wreaking havoc; therefore IT security needs a rethink.
This will be the theme of the annual ITWeb IT Security Summit to be staged at the Sandton Convention Centre from 15 to 17 May this year.
SensePost Security consultant and member of the ITWeb IT Security Summit 2012 advisory committee, Dominic White, says recent compromises of supposedly secure technologies and companies are a clear warning that more effort needs to be put into IT security. White says more political will is needed to fix technologies known to be broken.
Bevan Lane, director of Infosec Consulting, says the dangerous new trend towards hacktivism - hacking into an organisation's site and data to make a point - shows there is little to stop a determined hacker from accessing whatever he wants to. "The worrying thing about this is that it's increasingly widespread, and that hacktivist groups appear to have succeeded in accessing all their targets."
Lack of control over mobile devices
Hacktivist groups may number hundreds of individuals working together around the world, and have scores of sympathisers. So tracking them down and stopping them is complicated. Because they usually succeed in breaching their targets' security, more needs to be done to guard against such attacks, and mitigate damage, says Lane.
Another new challenge to IT security is the exponential growth in enterprise mobility. Unsecured mobile devices and a lack of control over how they access company information has left an open door to enterprise IP, warns Bennie Labuschagne, director of Cyber Forensics at Cyanre, the Computer Forensic Lab.
Labuschagne says companies may go to great lengths to secure their networks, but once they allow unmanaged mobile access to these networks, existing security is rendered pointless. How this issue is managed demands a new approach from the industry as a whole, he says.
Charl van der Walt, co-founder and managing director of SensePost, expects 2012 to be the year when the issues of mobile security truly come to a head. "The massive scope and volume of mobile computing is posing some interesting new security challenges. This is not so much because mobile is inherently less secure," he says, "but rather because of the massive uptake of mobile and the unprecedented degree of connectivity involved."
Van der Walt, Lane and Labuschagne will be among the international and local IT security experts speaking at the security summit.