HP execs debate reality of hacker expertise; lament most businesses don't understand

Summary: Hewlett-Packard execs argue that the problem with the security culture today is that many businesses are still following a "check box" approach without understanding hackers' resources and capabilities.

SAN FRANCISCO -- Combating cyber attacks on businesses requires a complete change in understanding as well as stronger investment in defense before and after these breaches occur, based on a panel discussion of Hewlett-Packard executives and security experts on Friday.

In explaining HP's perspective on the current state of cyber security, Art Gilliland, senior vice president of enterprise security products for HP's Software group, reflected that most of the media and corporate attention is directed towards specific actors, such as Anonymous.

He described that approach as a "red herring" in terms of how companies need to respond.

"This is a game of risk management," Gilliland asserted. "Companies need to be able to see and understand their exposure potential and prioritize what they respond to."

That's because, according to Gilliland, there's so much money involved in the sale of intellectual property -- whether it's about credit cards or espionage -- that a marketplace has grown around cyber crime. He explained that "markets do very specific things," including organizing participants and creating a process.

Thus, Gilliland argued that if companies are going to be more effective in responding, they need to think about how they can disrupt each of the steps in the process of establishing this marketplace.

Gilliland outlined that the process is made up of the following five steps: research, infiltration (breaking into a company), discovery (mapping out assets and where data may live), capture (the adversary takes control of the asset), and exfiltration (stealing and/or destruction of data).

Based on the conversation on Friday, two of the problems here could be that most companies are slow to understand this and are prioritizing security budgets in the wrong way.

"We're competing against the best in the world, and they only have to be right one time," Gilliland remarked.

Scott Lambert, director of HP DVLabs, concurred with Gilliland, remarking that we need to be quicker at identifying when hackers have already broken in and at responding to them.

"Attackers are shifting in the landscape today," Lambert said, adding that most hackers are now going after primary individuals rather than organizations.

Gilliland followed up that "it's inevitable" that cyber criminals are going to innovate around the latest antivirus toolkits and solutions.

He continued that if you believe that's true (which he asserted most security experts do), you have to be really good at catching them on the inside before they've stolen data.

About

Rachel King is a staff writer for CBS Interactive based in San Francisco, covering business and enterprise technology for ZDNet, CNET and SmartPlanet. She has previously worked for The Business Insider, FastCompany.com, CNN's San Francisco bureau and the U.S. Department of State. Rachel has also written for MainStreet.com, Irish Americ...
