Security Experts: Organizations Should Focus on the Big Picture Instead of Just Plugging Holes

Solutionary researcher offers some insight on how firms should secure their systems

By on December 7th, 2012 14:05 GMT

In many cases, after being hit by a cyberattack, organizations will rush to address the vulnerability that allowed the attackers to penetrate their systems. However, this approach doesn’t actually help the company’s security stance.

According to experts from Solutionary, many organizations develop their security strategy so that they’re protected against the top vulnerabilities appointed by security firms.

While ensuring that your systems are not vulnerable to SQL Injection or cross-site scripting attacks is certainly good, it’s not enough.

“As a security researcher, I will be the first to tell you that if an attacker can’t break into an application one way that they can certainly find another. Funny thing is, attackers do not work from a checklist and call it quits. Neither should we as security professionals,” Rob Kraus, director of research at Solutionary, explained.

“As information guardians, we cannot simply buy a product because it fills a checkbox and defeats SQL Injection or Cross-site scripting. Yes, it is certainly appealing to ensure that those features are included, but overall we need to step back and see where we can apply a sensible solution,” he added.
Solutionary experts offer some advice on how security should be handled by an organization
   Solutionary experts offer some advice on how security should be handled by an organization
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments