Security Chasm! HITB 2010 Keynote by Dr. Anton Chuvakin
"Have you often wondered why people are updating their security policies, closing compliance gap and define ISMS while attackers are owning their systems – at the same time? Why consultants advise management on ‘risk tolerance’ while new bots are being deployed on what was formerly known as ‘your network’? Why some say that “DLP is all the rage” while record data losses occur daily?
Reality today often presents a grim vision of “two securities”: one concerned with ‘elevating the infosec conversation’ while the other is concerned with cleaning up the mess on our networks and systems. In one, people pretend to ‘assess risk’ while in the other incident response is the only way to go….
This very concept, that I call “security chasm,” will be the subject of my keynote presentation, along with such questions as “why we wear seatbelts because of the monetary fine, but not because of risk to our lives?” and “What will make us secure?” (and what does it actually mean!)
Finally, I will explore the future of what we now call ‘security industry’ and make a few long term predictions of where we will end up in a few years…."