By TECHNOLOGY TIMES Staff
Lagos. July 15, 2013: Vir2us CEO, Ed Brinskele has beamed attention on what government security experts are calling next-generation cyber security representing a new and different approach to a rapidly growing problem that, according to the U.S. government is costing global business up to $1 trillion annually.
According to Rebecca Brown, spokesperson for Vir2us, Brinskele was responsible for the U.S. National Institute of Standards and Technology (NIST) adopting new specifications for implementing next-generation cyber security for Smart Grid; a national project to overhaul the nation’s aging power grid.
So what’s different about the next generation of cyber security? Well according to NIST, plenty. Brinskele’s blog reveals that nearly all legacy cyber security firms have believed that “keeping-the-bad guys out” by maintaining constantly updated lists of known-threats, was the way to deliver cyber security.
However, this approach often fails because known threats can be quickly and easily morphed into unknown threats. The blog goes on to say that once hackers get inside a company’s computers there is virtually no security to stop the theft of information or the takeover of computing resources. NIST’s report on standards for Smart Grid says cyber security needs to be built into computer systems and processes, not layered on top of them.
According to the Cyber Insights blog, next-generation cyber security is focused on creating new and inherently secure computing processes that are low in the computing software stack, and which do not rely on the integrity of operating systems like Windows, MacOS or others.
These next-generation solutions increase security effectiveness from as little as 17% up to 100%. They also free up bandwidth and processing resources that are currently being devoured by the endless amount of list updating and redundant scanning of email and files.
Brinskele says that this new security approach makes next-generation cyber security a profit centre and one of the biggest opportunities to positively impact bottom line profits.
“Genuine cyber security is poorly understood by most senior executives”, says Brinskele, “and if CEOs knew how little their IT people understood about it, it would likely raise their level of concern.”
He says that CEOs need a source of constantly updated global domain knowledge in this area because of the impact that failing to secure digital assets will have on the future value of their business.
Recently, the Wall Street Journal published an article about the U.S. Government’s frustration over major U.S. banks failing to move more quickly to counter the escalating cybercrime losses resulting from hacking and fraud.
Brinskele observes that, “When problems related to information technology are allowed to go unsolved for long periods of time, firms tend to build them into their cost model and management processes. Credit card fraud, for example, has grown from a few billion dollars to tens of billions in the past two decades. There is an entire industry that is managing the post-fraud process and is therefore less interested in solving the problem than in perpetuating the infrastructure created to catch the perpetrators. It’s a study in human psychology.”
Brinskele’s blog also says that some CEOs are already coming under fire for not addressing the issue. The blog says that its aim is to make CEOs the cyber security experts in their own businesses.
He said, “Speaking as a CEO, I can say that wherever I’ve seen managers lacking in critical domain knowledge, the vacuum can quickly get filled up with wishful thinking.”