| NetEvents - European Press Summit, Barcelona, Spain |
|
|
|
|
Vik Phatak, CEO, NSS Labs to chair an IT Security debate session on network security and the role of encryption.
Organizations that rely primarily on a secure perimeter to protect sensitive data are fooling themselves, while traditional network boundaries disappear and remote users demand access to sensitive information anywhere and at anytime. Security becomes locked into an “arms race”, involving ever faster and more sophisticated in-line intrusion prevention to combat crimes that can be committed in microseconds. Perhaps we can learn from the locksmith, who recognizes that no lock is unbreakable, so simply tries to slow down the criminal and increase the chance of being caught? So encryption combined with intrusion detection (not inline) might prove nearly as effective at lower cost. Cryptography – long used to protect data through dangerous territory, like the Internet – is now being applied to protect data in databases, filing and storage systems, applications and on laptops and other portable devices. With today’s faster processing, cryptography is gaining a key role in enterprise data security and compliance best practice. What are the risks when security techniques such as encryption follow the data around – acting more like a bodyguard than a series of roadblocks? There’s no doubt that encryption is a powerful tool, but what is the risk of having your data permanently scrambled? Does encryption lull us into a false sense of security? Or are we more likely to be complacent when protected by high speed, automated IPS? With data protection stakes riding high, what is the better strategy for today? To out-gun the criminal’s technology with high-speed intelligent protection, or to provide more encryption hurdles, decelerate penetration and rely more on human judgment? And where in the enterprise network infrastructure should security reside and who manages it? Should it be the network manger, MIS manager or CIO and if there are numerous elements involved will it be managed properly or are there potential holes and threats?
More information: http://www.netevents.org/events.php?id=13 |
