Enterprises are too focused on meeting security standards such as payment card industry (PCI) compliance rather than implementing configuration management, business resumption and fault tolerance, according to a security expert.
Speaking to CSO Australia at the Cyber Security Summit in Sydney, Tenable Network Security US chief security officer, Marcus Ranum, said management and IT executives needed to start treating attempted external hacks as another fault and include security in the context of a business problem.
“PCI compliance is something that any organisation with a clue about security would have been doing all along,” he said. “CSOs need to be questioning prevailing trends and not follow what everyone else is doing.”
In addition, Ranum said the information security industry was “stuck in the crosshairs” of trends such as reduced budgets due to the development of more intelligent security systems.
“You can have an anti-virus system or application firewall that does a pretty good job because it’s executing the standard knowledge base against a static system,” he said.
“Because we were able to get things to work pretty well with these kinds of knowledge based [security] systems we’re getting pressure from management to do more with less.”
However, this also meant malware was getting more sophisticated -- to the point where it required a dedicated response team of generalist security staff.
“One of the things I’m seeing is that organisations are patting themselves on the back and saying they’ve taken care of the problem but then they’re getting owned by some piece of malware,” he said.
“These organisations are then spending huge amounts of money on forensics and incidence response.”