Resources for Health Insurance Portability and Accountability Act (HIPAA)

7 dirty secrets of the security industry

www.infoworld.com

Corporate IT executives need to beware the seven dirty secrets of the security industry that can undermine the safety of business networks, a security expert told attendees at Interop Las Vegas.

"It's best to have a healthy level of skepticism about what security vendors are trying to tell you," says Joshua Corman, principal security strategist for IBM/ISS, which itself is a security vendor.

He called his talk "Unsafe at any speed: 7 Dirty Secrets of the Security Industry," harkening back to the 1960s Ralph Nader book about automobile safety, Unsafe at Any Speed. Nader's book took car makers to task for worrying more about cosmetic improvements than upgrades to make cars more safe. Security vendors have at times invested development money in management GUIs rather than new security features. And they have a tendency to add features only when customers demand them, he says. "The goal of the security vendor is not to secure, it's to make money," Corman says.

View the Resource

Share or bookmarklet this web page at: