Skip to content

Can We Win?

April 21, 2009

eIQ is at the RSA conference this week (Booth #2058) and in watching the first two keynote speeches, where RSA’s Art Coviello and Symantec’s Enrique Salem alluded to “winning” over the fraudsters, I wanted to comment a bit on that entire concept. These CEO’s are positing that by collaborating as an industry and embedding security into the infrastructure, we can “win” against the bad guys/gals.

Is that the right goal? Let’s look a bit a history. Have we “won” against traditional crime? No. Have we beaten terrorists? No.

So what makes us think we can beat cyber-crime? Though I’m sure trying will result in a good amount of product sales and even more services. I guess I run the risk of sounding like a broken record, but it’s not about winning. We can’t invest enough and there really isn’t an economic driver to win. We are just trying to NOT be the slowest gazelle in the herd. As long as there is someone slower (meaning an organization more at risk than you), investing incrementally more money to eliminate the last vestiges of risk isn’t worth it.

The banks assign a certain amount of money to cover “shrinkage.”. So do the retailers. It’s not worth the investment for them to totally eliminate fraud. They are trying to keep it at a manageable level. We (for the most part) adopt the same approach, though I’m not sure it’s intentional.

We need to stay focused on the objective of our security efforts. To keep cyber losses to a manageable level, within a reasonable amount of investment. Once we let go of the need to win, we can get back to doing our job. Which is to protect the information of our organizations and make sure business systems remain available.

Advertisements
No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: