There is far too much attention placed on the security system and not enough on the task in hand.
Sam Curry, vice president of product management and strategy at RSA, claimed that most practitioners do not care about what sort of systems they have, and there is far too much attention on the tool and not on the task.
Curry said: “More and more they want things to be transparent and they want to be able to say that it works. Practitioners want to tell IT infrastructure how to behave and they get a report from it, and just say ‘my job is to manage risk'.”
He further claimed that if you were to ask a security person what their job is, someone working for an immature company would say that they manage the firewall, and if they are working for a mature company they will say that they manage risk. He said that ‘it is a disaster if they say I'm a firewall level two guru.'
With the launch of the RSA anti-fraud command centre (AFCC) report for May, trends showed that the use of fast-flux botnets will increase, Trojan functionality and infrastructure will improve and fraud as a service will develop. Curry claimed that money muling is happening and getting worse.
“We are making it difficult for them to do phishing and malware so they will exchange toolkits, they are serious in their opportunity to develop something,” said Curry.