Wednesday, June 02, 2004

Clarke Again ;)

According to Clarke, private industry should make sure that software security is an integral part of the evaluation process and that multiple levels of authentication are part of the e-commerce environment. It should also take an active, rather than passive, role in advocating comprehensive, rational cyber-security programs from government at the local, state and federal levels. Companies need to designate someone to be responsible for cyber-security.

"Bad guys are ahead at this stage of the cyber-security race. The expansion of wireless networks, handheld devices and high-speed connections is happening faster than vendors can patch and upgrade systems that were never designed for this range of services and worldwide access. Users still are demanding ease of access over security, and vendors are not requiring at least two levels of authentication for fear of losing business to competitors. New waves of technology, such as voice over IP and digital product tagging, will continue the expansion while security considerations will have to catch up. The upside is that private companies are committing budget dollars and personnel to cyber-security. I hope funding and resource allocation can get the race back to neck-and-neck status by next year."

No comments: