Ex-NSA CIO/CTO says Eastern Europe is developing its IT security technology more efficiently

Dr Winter, who is now CTO of IT security vendor Arcsight since retiring from the NSA, has just returned from a NATO cybersecurity event in Estonia and, he told Infosecurity, following on from Estonia's internet infrastructure being downed for two months by a series of DDOS attacks, the country has done a sterling job in redeveloping its infrastructure to prevent a repeat of the attacks.

The most obvious issue with cybersecurity at the moment, he says, is that many experts say there is a choice between implementing a risk analysis and best practice approach or deploying multiple layers of security.

In fact, he says, there isn't a lot of difference between the two strategies, as the infrastructure we all use on the Net is made up of a series of connected systems.

"IT security is not a major part of the agenda", he said, adding that, even if our IT systems were bulletproof – which they are not – there would still be security issues with programming new systems as they are added to the infrastructure.

Against this backdrop, Dr Winter argues that there is a need today to defend what is fast becoming an open network.

"There is also a risk here it comes down to identifying the need for best practice", he said.

The bottom line, he added, is that any organisation that has information of value on its network has to defend its data. You are, he explained, going to be a data target.

Because of this, he says that companies wanting to better defend their IT resources have to develop a security road map and a set of security systems that can work more efficiently, and so better defend the firm's IT resources.

Surprisingly, Winter, who spent around 25 years working with the NSA, says that, whilst there is still a need to develop an automated security infrastructure in most organisations, the reality of the situation is that companies need to have a high level of expertise to manage what is often a complex IT security infrastructure.

"You'd like to automate stuff but to do this in most organisations you need to fundamentally understand how it all works," he said, adding that IT professionals also need to a substantial level of instrumentation.

What’s Hot on Infosecurity Magazine?