IT security a new challenge post Snowden, ISSE conference told

Business is facing a new challenge in securing data in a post Edward Snowden era, ISSE 2013 conference told

Business is facing a new challenge in securing data in the wake of revelations by whistleblower Edward Snowden, says Norbert Pohlmann, chairman of IT security organisation TeleTrust.

“We now know that the US National Security Agency has made the whole security system weak by building in weaknesses that criminals can use,” he told the ISSE 2013 security conference in Brussels.

Pohlmann said that, in light of Snowden's revelations, businesses need to find new ways to secure backdoors in hardware and software, and protect data.

The forced collaboration with online email and other services also means that businesses will have to reassess how appropriate these services are for business purposes.

Even the grim economics of the cyber threat world have been laid bare, showing that big IT suppliers are unable to compete with intelligence agencies in paying for the top threat capabilities.

“Intelligence agencies are able to pay more than suppliers for this information, which they use for their own purposes and do not share with business to help improve their defences,” said Pohlmann.

This raises the question about whether the ends justify the means, he said.

The challenge facing every organisation now, said Pohlmann, is working out which suppliers, evaluations and certifications can be trusted, and what constitutes evidence for trust.

In the post Snowden era, he said, business is faced with the challenge of deciding what to do, knowing that most of today's security technology is unable to stop the determined attacker.

“In evaluating the IT security situation, we can see a change for the worse since Snowden,” he said.

The focus now, said Pohlmann, should be on finding ways of stopping the misuse of IT vulnerabilities and detecting backdoors and other weaknesses in products and services.

Read more on Prism

Read more on Hackers and cybercrime prevention