News & Events

Dr. Bill Worley to speak at IntrusionWorld

 4:00 pm, May 13, 2008

Bodyguards and Band-aids: Scaling Back your Costly Security Fortress with Self-Protecting Software Appliances

Non-security objectives led modern general-purpose operating systems to rely upon monolithic kernels and a more than 40-year-old, CPU-only hardware protection model. This kernel structure is inherently flawed and breeds vulnerabilities among unrelated components. The limited hardware protection model is fundamentally incapable of supporting the levels of remote-attack security required in today’s massively complex on-line systems.

The industry's basic response has been to surround vulnerable server systems with protective "bodyguard" systems to shield them from the malice they now routinely encounter from Internet traffic. Sadly, bodyguard appliances themselves often employ the same defective structures as the servers they were designed to protect. As a result, we find vulnerable servers surrounded by similarly vulnerable external protective appliances. Both require continuous patching and remediation from continuously discovered flaws. Thus, industry's response aptly may be called "Bodyguards and Band-Aids."

The presentation will discuss the seven root causes of insecurity, the nine specific properties needed to achieve “genuine security” and how to incorporate them into any enterprise IT architecture.

For more information about the IntrusionWorld Conference & Expo visit: IntrusionWorld

About Dr. Bill Worley

Dr. William (Bill) Worley Jr. is the CTO of Secure64 Software Corporation. He is a retired HP Fellow (Chief Scientist and Distinguished Contributor), and served as a Commissioner of the Colorado Governor's Science and Technology Commission. He received an MS (Physics) and MS (Information Science) from the University of Chicago and a PhD (Computer Science) from Cornell University. Bill is a system architect. At HP, he directed the team that developed the PA-RISC architecture. He later directed the development of the PA Wide Word architecture, the foundation for the HP/Intel partnership that led to the Itanium 2 microprocessor family. Prior to HP, during 13 years with IBM, he contributed to architectures for mainframes, storage systems, and IBM's first RISC architecture. In the years prior to his retirement from HP, Bill focused upon hardware and software architectures for secure systems. Following retirement, Bill joined Secure64 Software as a co-founder and CTO. Secure64 has developed a multi-core platform control system, including a queued, asynchronous network stack, which fully exploits the security capabilities of the Itanium architecture.

Joe Gersch to speak at IntrusionWorld

 2:00 pm, May 13, 2008

Security ROI vs. TCO: Conventional Wisdom vs. a Smarter Way to Evaluate Security Investments

When evaluating the net impact of most IT investments, companies typically use traditional ROI calculators. These calculators are very effective for evaluating ROI for a server or an enterprise software application, but these calculations are not effective at measuring the true benefits of security measures: cost savings.

A total cost of ownership (TCO) analysis is therefore more appropriate for evaluating security purchases. When you look at these implementations through the lens of a TCO calculator, you see something very different from what a typical ROI analysis would tell you: most companies are spending significantly more than they need to on security infrastructure while falling far short of the security goals they are striving for, and many companies are overlooking a different approach to security, which has a lower TCO and is a better way of achieving their IT goals.

Any IT person will be skeptical of a TCO scenario where a “you get what you pay for” mindset results in a less secure, lower-performing system. This presentation will compare the pros and cons of the various ROI and TCO calculations, then guide attendees through a lively, interactive discussion about how they can achieve the most reliable application security in the industry for a fraction of what they are likely spending today using a “genuinely secure” approach.

For more information about the IntrusionWorld Conference & Expo visit: IntrusionWorld

 

About Joe Gersch

Mr. Gersch is responsible for software development, productization, and technical support for Secure64. He led the development of a genuinely secure operating system, SourceT, which is immune to rootkits and malware and resistant to network attacks such as Denial of Service. He also led the development of the Secure64 DNS server, which is built on SourceT and represents a significant advance in DNS security and performance.

Previously, Joe was at Hewlett-Packard, where he led product development for smart cards, cryptography, and network security, as well as OpenView R&D. Joe earned a B.S. in Computer Science at the University of Michigan and an M.S. in Computer Science from Colorado State University. He is also a board member of Vivit (formerly OpenView Forum International) and an advisory board member of Voyence, Inc.