Security is a Holistic Proposition

Gorka Sadowski

Subscribe to Gorka Sadowski: eMailAlertsEmail Alerts
Get Gorka Sadowski: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Related Topics: Security Journal, Secure Cloud Computing, IT Security Insider

Blog Post

Preventive Security Through Behavior Modification

Part 1 - A $100 billion solution

Over the next few weeks, we'll investigate how the expression "An ounce of prevention is worth a pound of cure" could also be applied to the IT world, and what are the tools to foster preventive security through behavior modification.

When looking at IT security, it seems that most of the security solutions today are based on Defensive Security. Technologies such as AntiVirus, Firewalls, Intrusion Detection Systems and Intrusion Prevention Systems, Anti-Trojan, Anti-Worms, and Anti-Spyware belong in this category. The primary focus of these technologies is defending against security attacks in progress. Other categories of security exist of course, such as Proactive Security (including Vulnerability Management) and Remediation Security (e.g. Patch Management), but the industry focus these past few years has been on Defensive Security.

It is amazing that despite all of these types of security solutions, major investments and huge efforts by the industry, security incidents still happen all the time. And many of these hacking attempts are "successful" (for the bad guys that is).

McAfee published a staggering study in 2009, conducted by researchers from Purdue University.  800 CIOs from several countries were polled, and it turns out that a combined $4.6 billion worth of Intellectual Property (IP) was lost in 2008 alone, and that these businesses spent approximately $600 million repairing damage resulting from data breaches.

McAfee now estimates that worldwide, businesses lose more than $1 trillion in Intellectual Property due to theft and cybercrime.

IT Security could be a trillion dollar per year problem!

So what's the answer?

Let's think about this. The best way to secure an IT environment is to prevent security attacks from happening in the first place, and to make sure that bad guys don't even try to commit electronic crime. In other words, the most effective way to prevent electronic crime is to modify the behavior of would-be attackers, and to make them think twice before they commit electronic crimes.

Next week we'll dive into Preventive Security.

More Stories By Gorka Sadowski

Gorka is a natural born entrepreneur with a deep understanding of Technology, IT Security and how these create value in the Marketplace. He is today offering innovative European startups the opportunity to benefit from the Silicon Valley ecosystem accelerators. Gorka spent the last 20 years initiating, building and growing businesses that provide technology solutions to the Industry. From General Manager Spain, Italy and Portugal for LogLogic, defining Next Generation Log Management and Security Forensics, to Director Unisys France, bringing Cloud Security service offerings to the market, from Director of Emerging Technologies at NetScreen, defining Next Generation Firewall, to Director of Performance Engineering at INS, removing WAN and Internet bottlenecks, Gorka has always been involved in innovative Technology and IT Security solutions, creating successful Business Units within established Groups and helping launch breakthrough startups such as KOLA Kids OnLine America, a social network for safe computing for children, SourceFire, a leading network security solution provider, or Ibixis, a boutique European business accelerator.