RSA Likens Security Threats To Boiling Frog Myth

The emergence of consumer technology in business such as the iPhone combined with a massive inrease in web use personally and by companies has created a situation for corporate IT security akin to the myth of the slowly boiling frog, according to RSA Security.

Speaking at the RSA Conference Europe 2009, in London, RSA Security chief executive Art Coviello (pictured below) said the increasing use of personal devices for business and the rise of social networking sites and other interactive web sites was changing the threats that companies now face in terms of IT security.

“We are doing so much more on the Internet personally and in business than could have been perceived at the time of the dot com crash,” he told an audience of IT security professionals.

To illustrate his point, Coviello used the well-trodden urban myth that a frog will jump out immediately if thrown into a pot of hot water but can be taken unawares if placed in cold water and temperature raised slowly to boiling point.

“Not unlike the frog, we have been sitting in the pot while degrees of openess, and information growth have combined with evolving threats to stoke the fires and raise the temperature to uncomfortable levels. So how you feeling now?,” he said.

The RSA boss added that as technology continues to evolve – new security threats will emerge in tandem.

“It is only going to get hotter as new trends are headed our way. Megatrends in society, economony, politics that are driven by technology and all of those will drive up the heat for information security,” he said.

To illustate his point, the RSA chief cited the increasing number of digital identities – created by social networking sites and other web sites – as contributing to security vulnerabilities. “There are more digital identities than there are people, and identities can belong to systems and devices as well as people,” he said. “By 2015, estimates are that there will be 15bn devices communicating over the Internet.”

RSA senior vice president, Chris Young, also speaking at the event, said that some companies had simply tried to block the use of new technology but that approach was unworkable ultimately.

“Bucking trend of consumer devices is not an option,” said Young. “IT departments have tried to resist corporate support of BlackBerrys or ban the use of the iphone or instant messaging – some of us have even tried to fill the USB ports with Epoxy to prevent USB drives from copying files more often than not this resistance is futile and counterproductive in many cases.”

Young added that trying to simply block new technologies and the potential security threats that they bring would actually result in companies and security organisations failing to keep pace with the real world.

“Trying to prevent the use of attractive new technologies for business especially when they can be found in new homes is really a sure fire way for all of us security professionals to become irrelevent. Organisations that buck these trends will likely be left behind by the competition.”