McAfee CTO: Security on embedded devices must be a priority

McAfee's chief technology officer proposes breaking the myth that certain things don't need to be secured, and that certain things aren't securable.

SAN FRANCISCO -- We need to take a more proactive approach to security, especially on embedded devices, according to McAfee's chief technology officer Stuart McClure.

Speaking during the afternoon keynote session at the 2012 RSA Conference on Wednesday, McClure described the security scene in 2011 as "a mess, quite frankly."

"Being on the good side is not easy," admitted McClure, explaining that for cyber criminals, all they have to do is find a crack in the system to break the whole thing open.

Cyber attacks in 2011 hit everyone from the entertainment industry to governmental agencies worldwide.

"It doesn't always follow any rhyme or reason. All it takes is one little trigger," McClure posited, adding that it's only getting worse and worse.

McClure argued that most cyber threats started off based on ego.

"Bad guys wanted to prove they're smarter than you," McClure asserted. "Then they figured out that they could make a lot of money."

Over the course of the last decade, financial incentives were followed by espionage, then weaponry, and most recently, the incentive of a perceived purpose seen through hacktivism in 2010 and 2011.

McClure reminded audience goers that sometimes security breaches aren't actually that sophisticated but are successful (and damaging) all the same.

For example, when Paris Hilton's accounts were hacked, the culprits simply tried the name of her dog, "Tinkerbell," as her password -- and it worked. While it seems like a joke now to many tech insiders, there are plenty of people online who still make similar mistakes today.

McClure stressed the importance of recognizing the need for advanced security measures on more than just computers but also embedded devices, ranging from gas station pumps to cars themselves.

McAfee's CTO used the example of healthcare devices -- specifically insulin monitors for diabetes patients. Considering that 285 million people worldwide are affected by diabetes today and an estimated 438 million will be by 2030, embedded devices tracking health and statistics related to diabetes is a huge market.

Unfortunately, given how many people could be affected, this space could also become a target for cyber criminals, whether they're interested in distortion or simply making a point about whatever concerns them.