Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The old methods of either blacklisting software or whitelisting it for full access are no longer sufficient in today's threat environment he said. Instead his company was working on new software that assesses the reliability of applications based on their history and reputation.“We've spent three years to build software that divines reputations automatically,” he said.“In this model we divine a computer's reputation of the program from its origin, age, source and using some other secret source that we can't disclose. The new method isn't just about blocking software, but about defining policies for access.”He gave the example of a systems administrator who can set policies to only allow software on the network that is more than 30 days old, to eliminate new malware, and that is in use by at least a million people.“That sounds to me like the Conficker virus,” said Adi Shamir, professor of the Computer Science Department at the Weizmann Institute of Science in Israel. “It was around longer than 30 days. Also I understand the security code on that malware is very good.”In a similar theme Salem said that other security features need to be automated to make them faster and more effective. For example, if an employee loads protected data onto a USB memory stick then they should automatically be alerted to breaking policy, with a similar warning being sent to the administrator.This was an issue of personal interest for Salem, as he admitted he had personally lost a USB stick containing confidential information. Half of lost USB sticks contain confidential information he said.The new approaches to security are needed he said because the threat landscape was getting much more difficult. Attacks are reaching 200,000 every half hour worldwide and 90 per cent of those attacks were aimed at harvesting confidential information.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.