DEARBORN ? The terrorist attacks of 2001 raised the stakes for professionals charged with protecting a corporation?s physical and cyber assets. Security today has evolved into an arms race, leaving defenders scrambling to catch up.
Michael Assante, chief security officer for American Electric Power, said it has taken the Security world three years to understand the new perception of the world ? threats have changed. It?s taken time to catch up to all the changes wrought by 9-11.
?We?re now defending against blended attacks,?? said Assante, who spoke at the Detroit SecureWorld Expo. ?They use bombs and computers to do damage. What we have now is information warfare.?
Information ? a clear focused message ? is needed to combat these malevolent forces. Competing Security messages are not good and make it harder to get management buy in, he said. Business executives want Security risk factors translated into how they make economic decisions.
The new Security threats aren?t coming from just terrorists, said Pete Lindstrom, research director for Spire Security. Organized attacks can be cyber terrorism, organized crime, extortion or phishing ? fake email messages soliciting personal financial information that can be used for identity fraud.
?Attackers are getting smarter about how to attack,?? Lindstrom said. ?Real security is hard. We need to find better ways to measure our success. We need new benchmarks, new topics. Our responses need to be threat-based. We need to use active deciphers, look at vulnerabilities and use Dynamic Access Controls.?
