A universal security system must be created and adopted if security threats like Stuxnet are to be eliminated, the AusCERT 2011 conference has heard.
Speaking at the Gold Coast, Lofty Peach consultant, Ron Southworth, said while threats in the security space do not always affect Australia, government’s must work together to combat online threats.
“The bad guys know every bit of information that we know, if not more - they are well funded and we’re not,” Southworth said. “What I’m learning is that coordinated attacks are very effective - what are we going to do about it?”
Southworth said instead of investing funding into chasing offenders, security organisations must begin to build stronger systems built around the notion of self healing.
“For me the important thing, is that we’re struggling to share - bad guys don’t have that problem - we have to get better,” he said.
“People watch for something when it happens - when it happens they’ll mitigate it - the cat is always going to win, we need to build a stronger mouse.”
Rather than government entities taking a hard line approach to regulation, Southworth said a long term move toward a resiliant structure was more important.
“It’s not just our homeland, its everyone’s homeland - this is a large, huge problems for control systems - we have to do it the right way, and not have a knee jerk reaction,” he said.
“Hopefully we can get out of the mode about thinking of protection and moving to a more resilient structure.”
The insights come as the Department of Homeland Security last month shared its insights into what it had learned in the wake of last year’s Stuxnet worm.
Lisa Banks travelled to AusCERT 2011 as a guest of AusCERT
Got a security tip-off? Contact Hamish Barwick at hamish_barwick at idg.com.au
Follow Lisa Banks on Twitter: @CapricaStar
Follow Computerworld Australia on Twitter: @ComputerworldAu
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.