Schneier on Security Resilience
Insights from Security Leader at GISEC Event in Dubai
In developing markets such as Asia and the Middle East, how can security practitioners best prepare themselves to tackle the rapidly-changing threat landscape? Resilience is the key, says security leader Bruce Schneier.
The way to think about security is a combination of protection, detection and response, says Schneier, a fellow at the Berkman Center for Internet and Society at the Harvard Law School, USA. While there is a lot of prevention and detection technology, response is the missing piece, he says. The more you can look at response, the more effective you will be.
“The goal is resilience,” he says in an interview conducted at the Gulf Information Security Expo & Conference in Dubai. “The goal is to be able to survive attacks and thrive in the face of them. The goal is to be able to work in a world where these threats aren’t going away. Resilience is about doing what you need to do to keep operating, in spite of threats.”
Preventing and preempting attacks requires a great degree of sophistication on the part of the defender. While incident response has been an area of security for decades, it hasn’t been integrated well till now. This is changing slowly, with more products and platforms in this space, he says.
“There is no single message that I can share,” he says. “The threats keep changing, and it largely depends on the context and what’s going on.”
Information Security Media Group caught up with Schneier at GISEC, Dubai, where he was a keynote speaker. In this wide ranging interview, he discusses:
- His views on information sharing;
- The concept of resilience and the problem of increasing sophistication in attacks;
- Recommendations on problems unique to Asia and the Middle East.
Schneier is a Fellow at the Berkman Center for Internet and Society at Harvard Law School. He is an internationally renowned security technologist – The Economist calls him “Security Guru”. He is the author of 12 books, including Liars and Outliers: Enabling the Trust Society Needs to Thrive, as well as hundreds of articles, essays, and academic papers. His influential newsletter “Crypto-Gram” and his blog “Schneier on Security” are read by over 250,000 people.
Varun Haran contributed to this report.