The Sky Isn't Falling in IT Security, as Some Might Suggest
There are an increasing number of technologies with auto-updating and patching built in, including the popular WordPress content management system, which has been providing users with automatic updates since late 2013. Many high-profile attacks also tend to involve some form of password theft and/or privilege escalation, both of which are attack types that are now also well-understood. With passwords, many modern Web applications and systems now support two-factor authentication systems, which provide an additional layer of protection. When it comes to privilege escalation attacks, user-behavior-based platforms and technologies are now entering the market, including Microsoft's Advanced Threat Analytics. Often, many security statistics reports will lead with claims that some number of users or organizations are at risk from something, and that can sometimes be news. However, what isn't news is when organizations aren't hacked and exploited. That's the theme of a really thoughtful new IBM security video that attempts to make light of the fact that not being hacked can be news, too. For the first time, there are now also the beginnings of guarantees in security, which is something that hasn't existed before, either. WhiteHat Security, for example, now offers its customers a refund if they are hacked. WhiteHat founder Jeremiah Grossman wouldn't be doing that unless he was confident that he wouldn't have to give refunds to refund customers, as he knows that security can, in fact, be done properly and effectively.Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
Organizations in 2015 are being breached, and vulnerabilities in software exist and continue to be found. Chicken Little's proverbial "sky," however, is not falling, and technology can, in fact, be used securely. While often technology seems to be stuck in a dark tunnel of insecurity, there is a light at the other end.