MANILA, JULY 5, 2006
 (STAR) By Eden Estopace - How many computer scientists would it take to install a light bulb? "Five," said Ken Low, 3Com Corp.ís security head for the Asia-Pacific Rim. "Two write the specifications, one to prove their validity and two to implement them."

How many hackers would it take? "Zero. Nobody knew they were there."

And as the IRA said to Margaret Thatcher after a failed assassination attempt: "We only need to be lucky once but you need to be lucky every time."

As technology enables organizations to function, downtime is costly and disruptive. At the rate Web server intrusions are happening, traditional firewalls and anti-virus no longer suffice.

Low was a speaker at a conference sponsored by market research tracker IDC last May for IT professionals and computer experts. Dubbed "Dynamic Resilience: Security and Continuity 2006," the conference gathered computer security experts to discuss new trends in network security and infrastructure.

Lowís topic Ė Auto-Protecting Networks: How Intrusion Prevention is Automating and Winning the War Against Infrastructure, Application and Performance Attacks Today and Tomorrow Ė drums up the point that in todayís tech scene, traditional defenses canít stop the attacks, that they will miss at least 80 percent of the time.

According to a study of Web server intrusions in the Philippines, he said all types of systems from Windows to Mac OSX to Linux have been compromised one way or the other.

"There are more vulnerabilities out there than there are patches available," he said. "Some ports are open for Web traffic (and therefore attacks) and a firewall system does not rise above layer 2 or 3 and canít usually detect anomalies."

That is why companies are moving from a completely defensive strategy to the new domain of intrusion prevention, he said.

Incidentally, intrusion prevention system (IPS) is 3Comís strength. Infonetics Research has cited Tipping Point, a division of 3Com and a pioneer in intrusion prevention, as the market leader in network-based, in-line intrusion detection and IPS in 2005.

Low leads 3Comís security initiatives and advocates the need for secure converged networks to enterprises and governments and industry groups.

Making a pitch for 3Comís IPS, his challenge to the audience was to try 3Comís IPS for five days. If no attacks were detected during the trial period, he said they would get a video iPod. If there were attacks, they would get for free the book The Art of Intrusion of former hacker Kevin Mitnick.

Low was basically asking the audience: How well can your network stop the next cyber attack? IPS, he said, stops the attacks before they could do damage to the network. Specifically, 3Comís IPS blocks two million Web server assaults per week. At one time, it even detected 803,000 Zotob attacks in a weeklong assault.

"It is all about protecting your vulnerabilities, and it happens on three levels Ė application, infrastructure, and performance protection," he said.

People, however, could spend a fortune on technology and still be vulnerable to attacks via old-fashioned manipulation.

Jojo Ayson, senior product manager of Microsoft Philippines, said in his presentation entitled "Security in a Connected World" that there is no communication system on earth that does not rely on humans. Thus, the human factor is an important element in mapping out a security strategy for enterprises.

"Security is everyoneís concern," he said. At all levels of the organization, awareness is key.

The United Nations has even adopted a resolution for the creation of a global culture of cyber security, he added.

Ayson emphasized that people generally hack websites or attempt to intrude into a network for the thrill of discovery, for bragging rights to tech-savvy peers, and for criminal intent such as stealing information or identity.

The chief security officerís job, he stressed, is to make sure that nothing happens at the end of the day.

However, as an organization is made up mostly of non-technical people, computer usage policies must be clear and implemented across the ranks.

Ayson enumerated what he called the 10 immutable laws of IT security. Topping this list is the dictum: If a bad guy can persuade you to run his program on your computer, itís not a computer anymore.

Aysonís point is that there are security breaches that are self-inflicted. Spams and malware, for example, boil down to the issue of relinquishing control. If you allow other people to rule your machine by downloading e-mails or programs from an unreliable source, you allow your system to be hijacked by outside entities.

Phlishing, he said, is another example of cyber crime that requires very little technology. By divulging your financial or bank account information, you pave the way for identity theft.

Another of Aysonís security dictums: A machine is only as secure as the administrator is trustworthy. Encrypted data are only as secure as the description key.

Lastly, he said technology is not a panacea. While it is important for enterprises to invest in the latest security software and applications, it is equally important to consider the human factor in recognizing vulnerabilities in a system.

Wrapping it up, Manuel Ravago, research manager of IDC Philippines, said that empowered employees are increasing security management challenges. But as information and communications technology (ICT) aligns itself with business needs, there is a whole portfolio of secure content and threat management to ensure business continuity and manage downtime due to network security breaches.

In the light of the increasing diversity in infrastructure, tomorrowís security concerns will also be complex.

As it is now, Ravago said, companies have shorter response time from the announcement of a vulnerability to a full-blown mass attack.

For Code Red in June 2001, it took 31 days for five variants to infect 359,000 machines. But for Zotob in August 2005, it took only seven days. With 17 variants, it infected over one million machines.

"Security strategy," Ravago said, "needs to be increasingly dynamic and always changing in order to respond to sophisticated threats."

Chief News Editor: Sol Jose Vanzi

All rights reserved