Schmidt: Small businesses have few resources for network security
Protecting home computer networks against security threats is as problematic as managing a small business, according to former White House cyber security advisor, Howard Schmidt.
Speaking today at the Claranet forum to discuss ‘zero-downtime/always on' for internet services, Schmidt, who is now the president and chief executive of R&H Security Consulting, said defending home networks against information security threats - including hacking, identity theft, viruses and phishing - is a major challenge for the security industry.
He said: "Large enterprises have been doing a good job in preventing security breaches. They are providing free security services, rewiring and reengineering their services themselves, and blocking phishing, spam and trojans.
"But small businesses normally don't have full time IT staff. They don't normally have someone who thinks about security. Office managers usually do it themselves and are stretched.
"We now have a situation where home networks are like small enterprises to manage. Clearly the challenge associated with that becomes difficult."
Schmidt claimed that with the increasingly widespread use of wireless internet and high speed broadband, along with the growing number of people who own a computer and personal digital assistant, there will be more endpoints to protect against security threats.
"In the future the big issue we are going to be dealing with, particularly with the home networks and SMEs, is there are more endpoints to defend. Now everything is done at the endpoint," he said. "The motivation of hackers is changing too. They are no longer viewed as ‘clever hobbyists' but real criminals doing this for financial gain," he added.
The former CSO of Ebay also said that cyber criminals are starting to move away from network based attacks towards targeting applications directly.
Schmidt said: "Hackers are now shifting and focusing on applications. Not only network applications, but also word processing and spreadsheet applications and shopping cart - things that users spend a lot of time on. They are changing tactics because we don't pay a lot of attention to the successful security development of these things."