I’ve said it before: The No. 1 problem with computer security is poor root-cause analysis, where security pros fail to identify and track the ways an environment was exploited, be it malware or human attack.
Common root causes include social engineering, password guessing/cracking, unpatched software, misconfiguration, denial of service, and physical attacks.[ Also on InfoWorld: 10 reasons why phishing attacks are nastier than ever | Deep Dive: How to rethink security for the new world of IT. | Discover how to secure your systems with InfoWorld’s Security newsletter. ]
If defenders worried about the right root causes, they’d concentrate as much about adware finding its way onto a computer as they would a terribly malicious Trojan.
Both require equal effort to defend against.
Figuring out how to stop break-ins is the ultimate objective of any defender, and understanding root causes goes a long way toward that goal.To read this article in full or to leave a comment, please click here