Why Legacy Security systems fail - Take 1

Why 'Take 1'? Because I expect I will use this title a few more times. I recently spoke at the Government National Security Conference on the topic of why organisations that spend £millions - sometimes tens of millions - on network security still regularly appear in the media over avoidable data theft attacks.

Interesting reading this morning from Phil Muncaster about a Chinese cyber crime gang suspected of making over £30 million because they were able to hack applications and make changes to government databases. It is alarmingly simple to attack web-based applications when only legacy network security models are implemented. Only application security can protect applications.

Learn more about the many attacks invisible to legacy network security (Firewalls) from OWASP - the Open Web Application Security Project:

Application security focuses on the communication within the encrypted connection between the consumer/customer and the application itself. This is where most data theft attempts take place, yet it is often overlooked in favour of heavy spending on, for example, network firewalling.
Published Jul 31, 2012
Version 1.0