Confidence 'shaken' in security industry

Fears over computer security are at a critical point and services are being delayed or cancelled because of lack of trust in the internet, according to RSA Security president Art Coviello.

Speaking at his keynote presentation at the RSA Conference in San Francisco, Coviello said that the industry was suffering under the assaults of spam, hacking and malicious software. To fight this threat Coviello argued that the industry needs to radically rethink the way it does business.

"In the past year confidence has been eroded," he said. "I am not a scaremonger, but spyware attacks are having an effect. For the first time services have started to be scaled back."

Coviello stressed that no single company could solve the security challenges posed by the internet today, and said that companies would have to work together using a variety of solutions. These would have to be linked using open standards to allow safe e-commerce.

"We can link stronger forms of identity to create islands of trust," he explained. "These networks will spread, all built on strong authentication [which] must become as second nature as using your ATM card or passport."

But this would require a change in the way computer networks are used. Networks will have to become much more discriminating in the kind of devices they allow to connect, and improperly patched or poorly configured systems would be denied access.

A move in this direction was taken today by Cisco, as part of its sponsorship of the Network Admission Control programme, started in June last year.

The initiative promised to build Adaptive Threat Defence technology into 10 products by the end of March for use over the network, including specialised security modules.

"Because the network is a strategic customer asset the protection of its business-critical applications and resources is a top priority," said Cisco president John Chambers.