The U.S. Senate is currently evaluating a bill that would require companies to break encryption under a court order. There is much controversy around this bill, in fact several organizations have already spoken out against it, including the CTA.
Last week I participated in a panel discussion at INCOMPAS in DC on this critical subject of security v. privacy (as covered by Light Reading) and what it means for carriers. While there, I met with many MSOs and Regional LECs about their businesses to talk about the issues they face today.
This issue, at its heart is not only relevant to how companies secure their data, as this bill potentially threatens the validity of all forms of cyber security. It is truly a societal question of: is the government’s drive to protect its citizens from threat greater than every individual’s right to privacy? My colleague Carl Herberber expounds on the need for national privacy laws in a recent TechCrunch article. Instead, we see bills that look to further strip organizations and individuals of their privacy.
In addition to the discussion about the FBI’s case against Apple to break their own encryption algorithm, we had an informative discussion about Layers. There appears to be a misconception amongst the executive audience that is a “one-size-fits-all solution for all security problems, a magic pill that once taken would inoculate your business against all security threats.”
This is a dangerous misconception. You see, security is like a series of layers or filters that filter water. Each successive layer or filter removes smaller and smaller rocks until the last filter leaves pure water. Depending on your business and where your threats emanate from determines the applicable filters and therefore what systems to put in place. Starting with things like two-factor authentication, risk based authentication, moving to antivirus and antimalware, then to DDOS protection, data encryption, mobile malware and advanced persistent threats.
Understanding your business and where threats can emanate from is the critical first step to putting the correct layers in place and it’s more effective than a magic pill. Carriers are starting to understand that there are multiple risks they must protect against including network and application threats inbound from the internet, rogue handsets launching attacks from inside the mobile network and ransomware targeting their enterprise customers. IT’s time to put all the layers in place.
Mike O’Malley brings 20 years of experience in strategy, product and business development, marketing, M&A and executive management to Radware. Currently, Mr. O’Malley is the Vice President of Carrier Strategy and Business Development for Radware. In this role, he is responsible for leading strategic initiatives for wireless, wireline and cloud service providers. Mr. O’Malley has extensive experience developing innovative products and strategies in technology businesses including security, cloud and wireless. Prior to Radware, Mr. O’Malley held various executive management positions leading growing business units at Tellabs, VASCO and Ericsson. Mr. O’Malley holds a Master of Business Administration degree, a Master of Science in electrical engineering, and a Bachelor of Science in electrical engineering from the University of Illinois. He also is a graduate of the Executive Strategy Programs at the University of Chicago.