White Papers September 23, 2016

Failures of the Security Industry: Accountability and Action Plan

The information security industry is losing the cyberwar. Make that cyberwars. Plural. Black hat "hacktivists," organized crime syndicates, state-sponsored operatives, terrorists, and other threat actors attack computer systems and critical infrastructure on multiple fronts across the globe with seeming impunity. Motivations and objections vary. The common threat is malicious intent.

Download

The information security industry is losing the cyberwar. Make that cyberwars. Plural. Black hat "hacktivists," organized crime syndicates, state-sponsored operatives, terrorists, and other threat actors attack computer systems and critical infrastructure on multiple fronts across the globe with seeming impunity. Motivations and objections vary. The common threat is malicious intent. Backed by alarmingly sophisticated skills and deep resources, these 21st century intruders frequently succeed in attaining their objectives. But, it is not only the sophisticated that succeed. Often, perpetrators with more persistence than acumen are able to exploit weaknesses. Enterprises unwittingly provide broad attack surfaces with inadequately secured or completely vulnerable points of entry. Whether targets of adept cyber saboteurs and criminals or of their own lack of preparation and investment, victims of cyberattacks sustain damages that range from isolated annoyance to devastating, expansive... and expensive.

failures-security-industry-accountability-action-plan-thumb