14 DAY TRIAL // Recently I had the opportunity to chat with Radware’s VP of Security Solutions, Carl Herberger, and he had some interesting views regarding the never-ending battle between security experts and hackers, especially when it comes to cloud-based systems.
“From antivirus software to firewalls and intrusion detection and prevention systems, these solutions are, in fact, merely the most effective strategies at the time of implementation. In other words, as soon as businesses build or strengthen a protective barrier, the ‘bad guys’ find another way to get in,” Herberger said.
He believes that attackers always manage to adapt their tactics and strategies to make sure they find some security flaw they can take advantage of.
“Security is like a chess match whereby there is a constant ebb-and-flow between the recognition of new vulnerabilities and new risks and the deployment of new controls,” he adds.
“Given this, there are no doubts that the cloud service model will go through a phase whereby nearly all will question the security models as the perpetrators will have found a huge exposure. I truly see an event which will have us question the integrity of our data and use of cloud services.”
The expert states that unfortunately, corporate and external auditors are falling behind both technically and from a procedural standpoint when it comes to performing the all-important audits that target cloud systems.
In the future, clean data, trustworthy data that “hasn’t been tainted by a cloud operation” will become as valuable as gold. Businesses with conservative internal operational models may prove themselves to be the best answer for many of the problems the industry is faced with today.
We’ve seen state organizations failing to protect their infrastructures and a security industry that’s in many cases falling behind. Stay tuned, since tomorrow we’ll take a look at what a company should look for when purchasing an attack mitigation system in 2012.