Global Cyber-Crime Summit Fails to Address Current Threats, IronKey Urges IT Security Industry to Take Action
June 2011 by IronKey
IronKey has urged IT security professionals to take immediate action to address rapidly increasing cyber-crime attacks. This call to the industry follows last week’s Global Cyber-Crime Summit in London, where leading firms failed to deliver concrete solutions to current threats.
In recent months, cyber-criminals have carried out targeted attacks on some of the world’s biggest organisations. Only yesterday, leading security vendor RSA — whose customers include global banks and government departments — offered to replace its ubiquitous SecurID tokens after the company had fallen victim to a cyber-attack. While RSA battles to save its reputation with customers, Sony is also trying to redeem itself after its online games network was compromised by a hacking attack in April. This particular attack left more than 100 million customers affected, and rendered the service offline for a month at a cost of nearly $200 million (£122.3 million).
In addition, defense contractors like Lockheed Martin, utilities providers and the global banking system are all being targeted by cyber-criminals — and if they are successful, the consequences are far reaching and long term — with the potential to severely impact the global economy.
So, as attacks intensify, all eyes turned to the IT security industry at last week’s global summit — in the hope that the market experts would introduce new preventative methods to tackle threats head on, in a proactive manner. But instead, industry leaders took a reactive stance, focusing instead on dealing with existing threats, protecting end-points on the network and educating users.
Arthur Wong, CEO of IronKey, commented: "We need a new direction for protecting data itself, moving away from failed methods like AV — that only detect threats after they occur. The industry needs to be proactive, not reactive, and this was the missing message from last week’s event."
While one of the major talking points of the show was about the need to educate end users, IronKey believe that organisations can no longer expect their employees or customers to be responsible for IT security on their computing devices. Wong added: "It’s time for businesses — and the industry — to take action, preventing threats and therefore protecting both themselves and their customer base."
Using the banking industry as a case study, analyst firm Gartner reports that it’s not just the banks themselves which are being attacked; but that cyber-criminals are more sophisticated than ever before — targeting both the banks and the computers and systems of their end user clients. However, unlike the rest of the industry, IronKey believe that it’s up to the banks (and IT security vendors) to protect their customers, and not the other way around.
Wong concluded: "The products of most firms are set up to react to particular threats. But cyber-criminals are continually developing new, and more sophisticated, variants of malware and viruses. And so existing products can’t react quickly enough, and certainly can’t hope to be 100 per cent successful in detecting and combating new threats. IronKey is different. In fact, we’re 180 degrees away from the way that the industry currently thinks. Our products assume that a system is already infected — providing the user with a hardened virtual operating system and browser, built-in malware protection and a trusted network that together provides a separate, protected computing environment."