Company Boards Must Assume Cyber Attacks Will Occur Says Bloomberg
Cyber attacks are now so common that corporate directors must assume that their companies’ intellectual property will be stolen, according to experts at this summers Bloomberg Link Boards & Risk Conference in Washington. “Boards can’t keep hoping they won’t be attacked because my colleagues Peter Elstrom and Rochelle Garner wrote about corporate boards and cyber attacks in a story published today by Bloomberg News.
Security experts such as Patrick Morley, CEO of enterprise security firm Bit9 say that attacks are on the rise. Morley came to visit me last week in San Francisco after giving an educational seminar about how to stop malware. He predicts that security will move toward so-called white listing, the practice of defining the software that IT departments will let run on computers and mobile devices. Bit9 has created a global registry of known “good software” and offers a product that acts as a sentry, only letting employees download applications that aren’t dangerous.
This works in reverse of the way many anti-virus software programs work. Those programs scan for code that’s known to be bad. The problem, says Morley, is that at this point there are more bad viruses than there are safe software applications on the market.
“We’re all looking for bad but we know what good is,” said Cisco’s chief security officer John Stewart, when I interviewed him in March. Software vendors all know what they publish and the idea is to create a comprehensive list of that software so that everything else is questioned. “I think it’s high time that we continue to look for things that are potentially more effective,” said Stewart.