You Are Safe Until You Are Not

ZDNet reports on John Pescatore’s talk at the Gartner Symposiumin SF this week. John is probably the best security analyst at Gartner and an influencer of many a CIO. It’s a good article and there are links to the hype cycle slides for threats and security solutions.

Two key messages: (1) a false sense of security is emerging and (2) building perimeter defenses is not the answer–we have to look for ways to build + buy more secure software.

“Every time there’s a piece of software built there should be evidence of vulnerability testing and the software lifecycle,” says Pescatore. “If I buy a shirt, I see it was inspected by checker 27. Where is 27 when I buy software?”

With SaaS, Web 2.0, Web services + mashups, the security landscape (both attacks and solutions) will get quite interesting.  There are two core principles of information security that have prevailed over time: defense in depth and the weakest link breaks the chain. Defense in depth would suggest that we are likely to see more layers in the security solution onion as the nature of applications and their interactions become more complex. The weakest link principle would suggest that we’re likely to see a lot more broken chains and interesting front page articles in WSJ about fraud and data loss.

Source: » Are businesses getting complacent on security? | Between the Lines | ZDNet.com

About Simeon Simeonov

I'm an entrepreneur, hacker, angel investor and reformed VC. I am currently Founder & CTO of Swoop, a search advertising platform. Through FastIgnite I invest in and work with a few great startups to get more done with less. Learn more, follow @simeons on Twitter and connect with me on LinkedIn.
This entry was posted in Web 2.0 and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s