Communications of the ACM
'spaf' on Security
Not enough attention is being paid to computer security, says Purdue University professor and ACM U.S. Public Policy Council chair Eugene Spafford.
Credit: Purdue University
Purdue University professor Eugene Spafford, chair of ACM's U.S. Public Policy Council, says in an interview that not enough serious consideration is being given to computer security, noting that "we went from 20 pieces of malware in 1988 to [around] 180 million today."
He laments that there have been several opportunities to learn valuable lessons and change the way business is done, that were not exploited. "By investing in and putting all the attention on firewalls, we were giving up on host security, basically," Spafford points out. He says a reliance on firewalls still exists today while the security situation has not improved, and is likely to be exacerbated by mobile and bring-your-own-device trends.
Spafford also observes that, whereas in 1988 a computer worm was a cause of considerable alarm and focus, today there exist hundreds of active worms that no one bothers to mention because they are stealthier. Spafford cites a regression in security in the last several decades, with the current concentration on patching being a step in the wrong direction.
"If everything was in balance, we would have people who are trained across the areas and products they are looking at that are designed to be solid and secure," he says. "Any breaking of a system would be a largely futile exercise they would nonetheless indulge in as confirmation or assurance."
From Dark Reading
View Full Article
Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA
No entries found