Another case of security by denial
Large consultancies are paid a lot of money to provide companies with information to help them run their businesses. But sometimes the statements issuing forth from these consultancies has me questioning their value to users. Last month at the Gartner Symposium and IT Expo in Sydney, Australia, Rich Mogull, Gartner Inc.’s director of information security and risk research, declared that cyberterrorism is mainly a theory. He said we should “stop running around being scared about these esoteric threats out there. Let’s look at protecting ourselves by closing the vulnerabilities we know exist and protecting ourselves from the attacks that we know exist.” Of course we all should be doing the day-to-day diligence of patches, upgrades and monitoring. However, in contrast to Mogull, I contend that we should not be worried about the threats we know about; we should worry about those we don’t know about. Cyberterrorism is not a theory: It is a fact of the future, and that future could be one day, one month or three years out. Today’s biggest cyberterrorism threats come from three places: Full Story