Data security is a growing problem, all around the world. The FBI, governments around the world, and most large corporates have recognised the seriousness of this growing problem. Why has it arisen? And with such apparent suddenness? The reason is a combination of factors, all of which have been acting at once, and with increasing force over recent years.
Firstly, there is the increasing complexity of our IT systems. Complexity is the enemy of good security, and our information systems become more and more complex as each year goes by. As users demand more features, organisations face increasing pressure to release new software, regardless of how confident they are that the security is solid.
Secondly, it's a result of our increasing inter-connectivity. As more and more things need to be done on-line, and more and more systems are linked to each other, the risks increase geometrically: compromise on one system opens doors to many others.
Thirdly, it's because the number of those working to subvert your information security is growing dramatically. Certainly the number of professional hackers is increasing dramatically. Hackers now stage international conferences, attended by thousands. But they're mostly knowledgeable, and their motivation is often status and recognition. They will rarely cause you damage by accident, and with luck the greatest harm they will cause to you is to your reputation.
More worrying are the members of the largest group, the "script kiddies" who don't have the expertise, but use hacking tools created by others. These individuals can harm you without even understanding the significance of what they're doing, but the sophistication of their tools means that the hard they can cause to an organisation can be immense!
Finally, the most damaging group of all is the professionals. Motivated purely by commercial factors, whether industrial espionage, fraud, theft of IP and other confidential information, these operators can enter your systems, steal your information, and be gone, before you realise that anything is amiss.
Finally, the real issue. Despite all of our efforts, information security technology hasn't lived up to its promise.
