saas security under scrutiny after high profile breaches
DESCRIPTION
The firing of Target CEO Gregg Steinhafel this week underscored just how important computer security is to modern corporations. “I think it’s a clear sign that we’re in a new era, one in which companies are engaged in what you could clearly call asymmetric warfare against an insurgency,” says security expert Charles Nguyen who likens cyber intrusion to the kind of disruption companies face in war zones.TRANSCRIPT
SaaS Security Under Scrutiny After High Profile Breaches
The firing of Target CEO Gregg Steinhafel this week underscored just how important
computer security is to modern corporations. “I think it’s a clear sign that we’re in a new
era, one in which companies are engaged in what you could clearly call asymmetric
warfare against an insurgency,” says security expert Charles Nguyen who likens cyber
intrusion to the kind of disruption companies face in war zones.
The new battlefield is almost completely invisible, with battles taking place with ones
and zeroes being sent between computers at lightspeed over fiber optic cables that
encircle the entire world. As commerce has become increasingly reliant on technology,
new vulnerabilities are coming to light. This increased reliance on technology is
converging with a shift in hacking from a hobby to the foundation of criminal enterprise
and even state-sponsored military insurgency.
Nowhere is this more evident than in the software-as-a-service (SaaS) applications being
used by companies. SaaS Security is an increasingly prominent topic among those in IT
security, whether at security conferences or even in the corporate boardroom. “I’ve had
clients tell me they are presenting the state of their SaaS Security to the board of directors,
because cloud is now a board-level concern,” says Nguyen who advises security teams at
Fortune 500 companies.
But technology is not enough, he says, to achieve SaaS security. In the case of Target, the
company had a security software tool that detected the breach as soon as it began. The
failure lie with the security team that failed to follow up on the alert the received, while
the breach continued for another week and millions of customer credit cards were stolen.
For that, Nguyen says companies also need old-fashioned people and process to be secure.