How the good guys fight the security arms race

Growth of government-sponsored cyber attacks
In the US the airforce has created a new command, cyber command, that deals with those kind of country-sponsored threats. When it gets to national defence I know that the US takes it very seriously. We have talked to them about how commercial technology can be applied to deal with those sorts of threats. If you just focus on things like patching the operating system or antivirus those sorts of things are not effective at countering that sort of threat. You have to look at behaviour to judge whether somebody is untrustworthy.

Security from A to Z

Click on the links below to find out more...

A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day

The need for a dedicated e-crime unit in the UK
It is a specialised area. Certainly within the US there are specialised units within the FBI. There's no question that threats in that area will continue to grow. There's more reason to have such a unit because people make money today from it and there're more reasons in terms of national threats. It's a cat and mouse game, you have to stay one step ahead of your adversary. People on the good guys' side need to be armed with the right technologies and understanding of what the threats are. It's an arms race and there's always some exposure that any enterprise has to deal with.

How to avoid government data breaches like the HMRC lost data discs scandal.
It's really back to the same approach, it's focusing on the information itself, being able to protect that information no matter where it travels, whether it is in storage, whether it is in a database, in an application, going across the network in an email message or sitting on your desktop on a USB device. The whole point is being able to enforce the policy on that information wherever it exists. The breaches occur because there might be a policy but it's not consistently enforced. It's only in the back end and once it goes to your desktop it's in the open and anybody can do anything they want. In almost all these cases it's generally the case that information is not protected consistently end-to-end as it travels. You have multiple enforcement points to protect that data, it's not new. You don't expect just one place in an architecture to protect your data.