Cybersecurity - It Takes an Engineer to Catch an Engineer

The explosion and exponential rise in global data breaches and malware attacks has become unprecedented and dangerous. Collating facts and figures on how many attacks makes for an interesting read, but it doesn’t solve the problems. It’s fair to say the security industry hasn’t been shy attempting to solve these problems, but to be equally fair, they don’t seem to have made much progress thus far. Not wishing to be too critical of the security industry, and may they continue with their honorable quest, but it’s most likely they’re suffering from professional blindness where these problems are concerned. Billions of dollars are invested annually in cybersecurity R&D and this investment is predominantly in the area of user authentication techniques - commonly referred to as Identity Access Management. The industry is convinced by investing more time and money on enhanced IAM techniques, that this strategy alone will solve the problems of data breaches and malware attacks. Well, who do they think cyber-criminals are – aren’t they users too? When data breaches occur, doesn’t that mean that cyber-criminals were already in the system and well beyond the IAM check point!