Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Its Time to Close Security Gap

    By
    Dennis Fisher
    -
    January 2, 2006
    Share
    Facebook
    Twitter
    Linkedin

      One of the immutable truths of the technology industry is that vendors are constantly at least one step behind users needs. Its not their fault; its simply a function of the speed at which business requirements and user preferences change these days.

      Software companies can work for months to integrate features that users have been begging for into the next releases of their products, but, invariably, by the time the product actually gets into users hands, its already months behind the times at best. At worst, its completely obsolete.

      This fact of life causes premature graying and peptic ulcers in the marketing and engineering teams at many vendors.

      Even the biggest superstar product manager can find himself polishing his résumé if the release he promised his bosses was the next big thing turns out to be six months behind the curve as soon as it hits the street.

      As annoying as that can be for users awaiting a big upgrade of their CRM or storage solutions, it can be downright deadly for IT managers looking for help securing their networks. Being behind the times in security isnt just inconvenient, its potentially fatal.

      And if we learned nothing else from 2005s rash of data breaches, credit-card-number thefts and other assorted miseries, we should have come away knowing the attackers are several large steps ahead of our defenses right now.

      /zimages/5/28571.gifRead more here about credit-card-number thefts.

      This has always been the case, but the stakes now are higher than ever, and its time for security vendors and researchers to close the gap.

      From its inception, computer security has been mainly a reactive discipline, and it has remained thus all the way through last decades burst of innovation.

      Crackers are stealing user accounts to get free time on university networks? Set up tripwires to find them … after theyre in. Viruses running rampant? Install anti-virus software to stop them … after theyve infected the network. Organized online gangs begin targeting banks and consumers with phishing e-mails? Start thinking about two-factor authentication.

      You get the idea.

      This state of affairs cannot continue. Whats needed, among other things, is a serious commitment to research from both the government and the private sector. This means committing not just people but also the money needed to support them.

      There are plenty of amazingly talented security researchers at Carnegie Mellon University, Purdue University, James Madison University and dozens of other colleges, but without the money they need to put together serious testbeds, they may as well be doing their research on TRS-80s.

      /zimages/5/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

      The shameful bureaucratic foot-dragging and indecisiveness that have characterized the U.S. Department of Homeland Securitys cyber-security research efforts need to end. Now.

      If the folks inside the Beltway are having a hard time deciding what kind of research is needed or where to spend their money, all they need to do is pick up the phone and call Gene Spafford at Purdue or any of his colleagues around the country, who Im sure would be more than happy to help the feds out.

      A good portion of the industrys more innovative ideas have come out of the university community, including Spaffords Tripwire technology and the RSA algorithm. And Im quite sure that there are plenty more ideas where those came from.

      But in order to grow and blossom into full-fledged technologies with the ability to make a difference in securing networks, they need the nourishment of research dollars to augment the care and feeding they get from scientists and researchers.

      Whats next? With any luck—and a little gumption from the suits in Washington—maybe well find out in 2006. I sure hope so, because otherwise I may be writing this same column again next year.

      News Editor Dennis Fisher can be reached at dennis_fisher@ziffdavis.com.

      /zimages/5/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Dennis Fisher
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×