Information Security in the Real World. Confidentiality, Availability, Integrity, Practicality.
Monday, 15 March 2010
This worrying report from InformationWeek.com suggests that AV vendors are missing the point and patching specific exploits not vulnerabilities. Further proof, if any were needed, that defence against cyber attack needs a holistic approach blending everything from policy and people management through perimeter defences down to intrusion detection, malware detection, patching, good application software controls, removable media controls and incident response. We have to get in a room and plan the whole thing. AV is not dead but it is no longer the big gun of our defences as it once was. Quoting Schneier: "antivirus software is neither necessary nor sufficient for security, but it's still a good idea. It's not a panacea that magically makes you safe, nor is it is obsolete in the face of current threats. As countermeasures go, it's cheap, it's easy, and it's effective". But it's clear that holistic security, as discussed back in 2008 by IBM, is an approach whose time has definitely come.