14 DAY TRIAL // Recently I had a great interview with Carl Herberger, Vice President of Security Solutions at Radware, and he shared some interesting things related to enterprise security, especially when cloud-based technologies are involved.
One of the topics we discussed was the difference between state and private organizations when it comes to securing their networks and their assets in general.
“I truly feel like governments (at all levels) have massive inherent problems which make them incredibly less secure and less capable of stopping attacks,” Herberger said.
One of the main reasons why this happens is because state agencies in general don’t have someone whose sole mission is to make sure the company is secure and protected against cyberattacks.
“No one person is responsible, thus makes no one responsible.”
He also believes that many vulnerabilities arise from the fact that the network architectures mostly rely on is a hard-to-understand “mesh.”
“Architecture is a mesh which no one really understands and this mesh is linked together like a chain-linked-fencce...so the overall security is dependent on the security of the weakest link,” he adds.
Bureaucracy and the inability to respond quickly to a critical situation are other major factors. Also, most companies lack the adequate tools and the ones they do have are in most cases not purchased for their great quality, instead they’re bought based on how cost effective they are.
It seems as talent also plays an important role. Many of the employees of government institutions are not as skilled or dedicated as the ones that work in the private sector.
Another aspect is that state organizations use “an old-fashion system of data privacy which actually prevents security personnel from conducting full and thorough audits and securing infrastructures from end-to-end.”
On the other hand, there are some things that make a government much more capable of handling a security related incident.
“Generally when a government realizes they were breached the can be no end to the amount of resourced they can deploy including money, people, political pressure and the long arm of the law,” he reveals.
“Government is uniquely situated to be able to counter international based threats and subpoena private entities for valuable information which is generally unavailable to private security personnel.”