Security is a Holistic Proposition

Gorka Sadowski


Blog Post

Preventive Security Through Behavior Modification - Part 2

Part 2 - Don't do the crime or you'll do the time

Last week, we saw that Defensive Security is not enough to solve the $1 trillion Intellectual Property and IT theft and cybercrime problem.

This week, more about Preventive Security.

Preventive Security is a set of technologies and processes used to prevent security incidents from even being attempted. These include awareness and training programs, establishment of proper policies and procedures and the use of technology solutions in support of existing laws.

In fact, this is not very different from "regular" crime and how we deal with it. We arm ourselves with the means to catch the bad guys, we severely punish crimes and we let people know that crime is bad, that jail is also bad and that if they try and commit the crime they will be caught. This prevents most people from getting into trouble.

So how severe are punishments for IT crimes?

In a case tried in March of last year, "The Soup Nazi" hacker was sentenced to 20 years in jail for stealing credit card numbers. Other types of crime, such as employee embezzlement, intellectual property theft, insider trading, and other white-collar crimes, are also severely punished with jail time and heavy fines.

Do these types of punishment act as a deterrent to electronic crime? Yes, they most certainly do, provided the bad guys know that they'll be caught. Would-be attackers, like everybody else in the security business, play the odds game. I guess you could say that they too follow a risk management process!

"OK, I'm going to try this...I could get 20 years, but I'll never get caught" will certainly trigger a different behavior than "Hmm, I'm not even going to try it...I will get 20 years for sure because I'll get caught".

So, as in "the real world," severe punishment is not enough. We also need to deter would-be cybercriminals with a real fear of getting caught.

And what's the surest way to catch bad guys?

The best way to catch bad behavior is to properly perform forensics. Simply put, computer forensics is the digital equivalent of traditional criminal forensics. If a crime has been committed then we need to find out who did it and how they did it. And the investigation needs to respect the digital integrity of evidence so that the case can be successfully prosecuted in a court of law.

Ask any computer forensics expert what their favorite, go-to data points are to solve a complex IT crime, and they'll tell you "properly managed logs."

Next week, we'll see the advantages of using logs to solve the IT crime and why properly managed logs can be a powerful deterrent to would-be thieves.

More Stories By Gorka Sadowski

Gorka is a natural born entrepreneur with a deep understanding of Technology, IT Security and how these create value in the Marketplace. He is today offering innovative European startups the opportunity to benefit from the Silicon Valley ecosystem accelerators. Gorka spent the last 20 years initiating, building and growing businesses that provide technology solutions to the Industry. From General Manager Spain, Italy and Portugal for LogLogic, defining Next Generation Log Management and Security Forensics, to Director Unisys France, bringing Cloud Security service offerings to the market, from Director of Emerging Technologies at NetScreen, defining Next Generation Firewall, to Director of Performance Engineering at INS, removing WAN and Internet bottlenecks, Gorka has always been involved in innovative Technology and IT Security solutions, creating successful Business Units within established Groups and helping launch breakthrough startups such as KOLA Kids OnLine America, a social network for safe computing for children, SourceFire, a leading network security solution provider, or Ibixis, a boutique European business accelerator.