Cybersecurity Requires a Multifaceted Approach

---

Cybersecurity Requires a Multifaceted Approach Posted: 02 Nov 2011 11:45 AM PDT Eugene Spafford, a professor at Purdue University and founder and executive director of the Center for Education and Research in Information Assurance and Security, said the real problem is the belief that flawed systems can be secured retroactively, either by add-ons or by compelling users to act in ways they are not used to. Even if agencies have policies to provide training, they are often too specific or too ambiguous, he said. For example, take the "don't open any suspicious e-mails" approach. What exactly constitutes a suspicious e-mail message? Many of the social engineering attacks occurring today are designed to not look suspicious, Spafford said. "The approach that's currently been taken is sort of the equivalent of telling employees, 'when you come to work, don't open any square blue boxes.' But then someone sends in square red boxes, and they all get taken," he said. The federal government's efforts to transition to cloud-based services and technologies could also mean more security problems, he suggested. Following trends or big pushes to save money often mean that security issues fall lower on the priority ladder. "That's partly why we have vulnerable systems today, because the idea was, 'we'll buy whatever is the cheapest thing on the market' to save money rather than actually thinking through building a strong, secure infrastructure," Spafford said. More information »

Spafford to Give Keynote Address at Anti-Phishing Conference Posted: 02 Nov 2011 07:51 AM PDT Some of the security industry's biggest minds will gather Nov. 7-9 at San Diego for a conference dripping with acronyms, computer jargon and geek-speak. The conference is the jamboree of APWG — Anti-Phishing Working Group to those not initiated into the mysteries of cybercrime terminology. A keynote address by Eugene H. Spafford, professor of computer sciences at Purdue University, will review new technologies and systems being used to protect Internet works and data resources. More information »

You are subscribed to email updates from CERIAS Combined Feed To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google Inc., 20 West Kinzie, Chicago IL USA 60610