Know your security onions
Steve Brown, managing director of Novell UK, recommends the multiple, overlapping layers of the 'onion' approach to cyber-security.
The biggest ever cyber-crime involved the theft of more than a million credit card numbers from online banks and retailers across 20 countries.
According to the FBI, the thieves were able to seize the details in spite of firewalls and other security tools in use at all 40 sites involved.
The immediate reaction to the heist was to ask how hackers bypassed the expensive security software. The answer was that they didn't have to.
An analysis of the attack showed that the hackers had exploited a known vulnerability in Windows NT for which Microsoft had provided a patch since 1998. The victims simply hadn't got around to updating their systems.
Indeed, the myth of the genius hacker who breaks into systems using cunning and expertise is just that: a myth. Most hackers simply don't have the skills or the resources to hack into well-protected systems.
[ Read more ]