Roundtable ponders future security problems

Feb 1, 2001 12:00 PM


         Subscribe in NewsGator Online   Subscribe in Bloglines

The abundance of network connectivity throughout the world is a threat to the future of security. The explosion of ever-connected devices and the complexity of those devices could cause chaotic situations, such as power outages, network downtime and market crashes that could put society at risk, according to a recent report by the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University, Lafayette, Ind..

It's just one of the findings in a report on a security roundtable focusing on identifying trends that will impact security in the future. The roundtable participants also offered suggestions on how to prevent the more troubling trends.

Here are the top-10 trends impacting security identified by the roundtable of security experts:

  1. Explosion of new information devices will increase the complexity of systems to the point that it is impossible to comprehend the devices being used.

  2. As companies build relationships with other companies who are also building their own relationships, trust boundaries of corporate systems will be extended without a clear understanding of who is trusted. Industry will find it difficult to enforce its own business security policy on a process handled by multiple layers.

  3. The difference in ideologies, philosophies, economies and goals brought together by the Internet will result in a challenge to local rules, changes in law enforcement, and an emphasis on contract law. Money and economies, plus concern for damage to critical infrastructure information, will drive lawmakers to act.

  4. As companies become global, they will rely less on local government when international crime occurs on their networks and systems. Large companies will hire private security services to protect them where the law is inadequate. In addition, international companies will use local laws to their advantage by picking the country whose laws they wish to apply to their business situation.

  5. Concern will grow about how information is collected and used, especially information considered personal and private. There will be growing pressure for accountability, to know who is involved in a business environment, to assign accountability to actions that occur, to meet the needs of law enforcement, tax collection and the national interest.

  6. The pressures to deliver to the market at the speed of e-commerce will force vendors to sacrifice security and quality for functionality and expediency.

  7. Lack of security skills will compound weaknesses of delivered solutions. Web-enabled applications will suffer because of exposed weaknesses in its security.

  8. The explosive growth of electronic-based intellectual property and the easy ability to transform, manipulate and deliver information anywhere, anytime, will force society into heated debates on information ownership and control. Intellectual property rights, creative control and privacy will all be challenged in this debate on ownership and control.

  9. Standard security architectures will be developed that provide a set of security services like authorization, certificate management, encryption, and intrusion detection.

  10. Information exploitation will become more widespread. The interconnectedness of everyone and our ability to respond instantaneously to events, knowingly or unknowingly, will increase the chance of misinterpretation causing havoc.

A call to action

According to the report, in order to stave off any chaos that these trends might inflict, several issues must be addressed. The issues — Call to Action items — are viewed by the roundtable as the most profound in establishing a more secure future. The following action items were viewed as most critical by the CERIAS Security Vision Roundtable:

  • Improve software quality: Prevent distribution of weak software with security exposures.

  • Invest in training and awareness: Develop a sound educational program that focuses on security and ethics.

  • Implement best practices: Incorporate baseline safeguards and practices.

  • Initiate public debate: Initiate public debate on identification, ownership protection, use of personal information, and responsible use of computing.

  • Advocate holistic approach: Advocate and pursue a well-rounded and proactive approach to the overall problems.

  • Package security architectures: Encourage packaging of basic security architectures with standard services that integrate with applications and infrastructure.

For more information on the CERIAS roundtable, go to www.cerias.purdue.edu.

Want to use this article? Click here for options!
© 2012 Penton Media Inc.

Today's New Product

Product 1 Image

Privaris Biometric Verification Software

In support of the Privaris family of personal identity verification tokens for secure physical and IT access, an updated version of its plusID Manager Version 2.0 software extends the capabilities and convenience to administer and enroll biometric tokens. The software offers multi-client support, import and export functionality, more extensive reporting features and a key server for a more convenient method of securing tokens to the issuing organization.

To read more...


Govt Security

Cover

This month in Access Control

Latest Jobs

Popular Stories

Resources

Back to Top