In addition, with respect to KTBR, IT needs to ensure that widespread breaches aren’t going to impact them. This means making sure that protections in place are adequately manned, and have appropriate processes in place to succeed in the face of a determined attack, whether launched from a POS terminal or the internet. Basically, do we have the right people trained, are the best tools in place, and are the appropriate processes being followed?
From an IT security perspective, we are anxious about where the breeches will occur, will we respond quickly enough, will we follow our existing security-privacy practices and policies. Are we doing enough to protect our customers’ data, employees’ personal data, our organizations’ data & intellectual property?
How can we make information security ubiquitous for all users on every device?
A great vision! From Intel’s perspective in the industry, it has been exciting to apply Moore’s law to making security measures easier to deploy, more efficient and more hardened. And it’s exciting to see OSVs improving security in devices of all types. But ultimately, ubiquitous information security won’t come from technology alone. It’s going to require user learning and a change in habits, and that may be much more difficult than any technology innovation.
When you look into your crystal ball, what security challenges do you see in the near future? What should we start preparing for?
We need to keep striving for highly resilient and trusted code execution. Today’s curated app stores offer users some security benefits, but we need to assume and plan for malware to break those protections and to escape detection. Which begs the question, how can we create strong isolation and protection for data and credentials in dirty environments? I’m excited that the next few years could bring real advances.
Also we need to complement our security thinking with a commitment to “privacy by design.” Some innovative thinking on this front has come from the Privacy by Design Centre of Excellence. My Intel colleague David Hoffman is an ambassador for the Centre, and David's comments are very helpful, as are the writings of Ann Cavoukian, Ph.D., founder of Privacy by Design.