LONDON: Businesses' traditional security practices are not strong enough to protect company data and need radical overhauling, according to Autonomy founder Mike Lynch.
Lynch lashed out at security vendors and the defence strategies and technologies used by enterprises during a speech at the IP Expo conference attended by V3.
"Security in general has been shown to fail. People are obsessed with people breaking in, with the hacker approach," said Lynch.
"It's data loss that is the real problem."
He went on to cite cloud security as a key example of the problem.
"Security around the cloud is pretty much done. We will have scandals, we will have leaks but it won't be down to encryption keys, it will be people," said Lynch.
"Security in IT has tended to focus on the external rather than the internal threat, that needs to change," said Lynch.
Lynch said that businesses traditional approach to security is causing employees to begin playing fast and loose with their company's data.
"The traditional reaction to the problem is to lock everything. This makes doing things arduous," said Lynch.
"Take things Like Dropbox. It is staggering to see how much corporate data is going through Dropbox. Businesses are making it more arduous so employees are going round the system and sharing things through Dropbox," said Lynch.
Lynch highlighted that the fragmentation caused by using services like Dropbox could cause serious problems, should the company come under investigation for its data handling.
"Take the US for example. You can be called up and told you have 99 days to present all the pertinent data," said Lynch. "If you can't control your data and get it together, that's a criminal offence."
Lynch went on to call for businesses to adapt their security models from the outdated perimeter strategies into new intelligence-based ones that focus on monitoring and policing external and internal network activity.
"We're going to need new security models, security models that embrace uncertainty," said Lynch.
"It's like having a dark room: you can't see everything that's going on in it, but if you set up alarm bells in it, you can hear them ringing and know where the problem is."
Lynch's comments coincide with widespread calls within the security industry for companies to move from outdated perimeter based cyber defence strategies to intelligence based ones.
Most recently RSA executive chairman Art Coviello and president Tom Heiser indicated companies slow progress changing to the new model is largely due to outdated privacy laws that force businesses to use more outdated security practices.
Dubbed Antlia 2, the ghost galaxy sits just 130,000 light-years away from the Milky Way
Delays to the roll-out of age verification for adult websites hasn't stopped government from considering extending them to more websites
Bluehole confirms rumours that Playstation 4 port is coming on 7 December
Atmospheric iodine works as a significant sink of tropospheric ozone, nullifying the harmful pollutant