Modernizing Authentication — What It Takes to Transform Secure Access
CompTIA president and chief executive officer Todd Thibodeaux said the aim is to touch on all of the key issues in cyber security.
The area that Im most interested to see how much discussion and dialogue happens around is mobility, he said. Between last years Breakaway and this year, weve seen an immense number of issues come to the fore in the handset and iPad, and generally, in the mobility area as a whole.https://l1.cdn.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=iTo that end, Thibodeaux said, CompTIA has invited Chicago-based viaForensics to Breakaway 2011. Theyre doing a service called appWatchdog, which looks at applications, he said. Weve toyed with some ideas about doing things with that; either certifying applications, or developing certifications around people who develop mobile apps and security. I think thats just going to become a bigger and bigger issue, so Im very interested to see how that dominates the discussion.
Thibodeaux said the basic concept behind viaForensics offering is straightforward. They will take an application and basically beat it to death to see how many security holes it has in it. Andrew Hoog, [viaForensic's chief investigative officer and co-founder], is going to speak on one of our panels on that particular topic. Theres not a lot of companies in this space right now, and theyre doing some really innovative things.
The problem, Thibodeaux said, is that mobile applications present some unique security challenges. You dont see a padlock anywhere in an app to let you know how that app is securely storing data or not so I think were going to see an emergence of some seals along the way, like we saw from VeriSign when the Internet was first coming along, he said.Another key issue, Thibodeaux said, is micro-breaches.
I had an experience in an airport three weeks ago where two gentlemen that didnt know each other were sitting there, and one person had set up his 4G hotspot and, when he went to the bathroom, the guy next to him looked at it and wrote down the entry code and logged onto his network, he said. So this is an issue, these small incursions, which have significant implications for maybe not huge populations, but really serious implications for a small number of people.
Thibodeaux said CompTIA is also strongly in favor of a national standard for data breaches. Continuing to talk about the patchwork of state laws just does nobody any good. It doesnt help in any way. And so some of the legislation that Representative Mary Bono Mack (R-CA) has talked about is pointing the way towards what wed like to see, he said.
At the Cybersecurity Summit on Thursday, Congressman Peter J. Roskam will introduce the Congressional Small Business Information Technology Caucus, to be chaired by Roskam and Congresswoman Loretta Sanchez. Theyve agreed to co-chair a new congressional caucus focused on the issues of the SMB IT community, and I suspect that security issues are going to be a big part of the things that that caucus will be dealing with, Thibodeaux said.
The Cybersecurity Summit will also include two panel discussions. The first, Security & Cloud Migration Challenges for Business and Government, will examine the security concerns surrounding cloud computing and the best ways to mitigate them. The second, Cybersecurity in the Age of Mobility, will look at the challenges inherent in promoting technological innovation while also protecting data.
The Cybersecurity Summit will conclude with a presentation by Allan A. Friedman, research director of the Center for Technology Innovation at The Brookings Institution. Friedmans current research focuses on IT policy with a particular emphasis on cyber security policy and the dynamics of information policy.
Security-related events at Breakaway 2011 include the IT Security Channel Training Course, which consists of three modules. The first module, Transforming Your Business Through IT Security Part 1, explores what comprehensive security looks like and what it takes to become a trusted security advisor.
The second, Transforming Your Business Through IT Security Part 2, lays out a process for completing a risk analysis, including how to assess emerging risks and trends in the IT industry.
The third, Strategies for Accelerating Your Security Business, offers guidance on developing security strategies that take into account customers business needs and the current IT landscape.
In addition, the CompTIA Security Trustmark Workshop: Your Roadmap to Security Best Practices will offer skill-building exercises, resources and networking opportunities to help participants prepare their companies to earn the CompTIA Security Trustmark, a credential awarded to IT solution providers.
Jeff Goldman is a freelance journalist based in Los Angeles. He can be reached at email@example.com .