ISC2014: Cisco CSO Jiang Stove says active defense achievement Safe Future

2014 China Internet Security Conference (ISC2014) opens in Beijing National Convention Center. On the 25th afternoon of the "Forward-looking Technology Summit", in the field of information security professionals have more than 25 years of practical experience in security experts, Cisco Systems Asia-Pacific, Greater China's chief information security Officer Jiang Stove, published the "Active Defense achievements Secure Future" keynote speech. He said that only the initiative to do a good job of safety preparation, can further improve the ability of security defense, active defense is the basis is also a key concept. Figure: Cisco Systems Asia Pacific, Greater China Chief information security Officer Jiang stoves according to Jiang Stoves, Cisco reported this August, a report this year, starting from 2010 almost 14% of the annual increase in loopholes, can see the threat and the activities of the attackers have increased. IBM, which last year counted more than 1.5 million attacks on the US network, should be a larger number if you look around the world. This has led to more and more problems such as data leaks and identity theft. Jiang says that when hackers exploit users ' computers with vulnerabilities, they are not just leaks of data and information, but identities can also be stolen. More seriously, if a company is attacked, it can lead to loss of property, and loss of corporate credibility. A 2012 survey showed that 75% companies were exploited by hackers for only a few minutes. After the attack, 38% of corporate respondents were unaware of the attack, while 29% and 54% of the companies were not aware of the attack for more than a few months. "In the face of hacker attacks, some companies use security management to strengthen prevention, rather than check the enterprise system for loopholes." If new vulnerabilities occur, they are vulnerable to attack. After the attack, 40% of the enterprise will take several months to solve the problem of attack, and recovery system will take a lot of time. "said the Jiang stove. In addition, in order to avoid being attacked, many enterprises will use defense in depth, in addition to data encryption, there will be an application protection, so hackers are not easy to get data. In addition, each additional layer of defense requires new investment. The security system increases the protective layer, each layer and another layer is inconsistent, the more layer of defense, will form the more complex system. However, these methods are not absolutely safe, and there is no absolute security in the security industry. Jiang said that in the face of security problems, enterprises can do risk management, for example, send a person to investigate, to check where there are loopholes and risks. In addition, enterprises to establish a good response system is very important, enterprises should do a good job of system detection and notification. If the network system environment is found to have new changes, enterprises can take effective measures to reduce the loss of enterprises, as soon as possible to restore the network system. Only by doing a good job of preparation can we improve the safety and prevention ability of enterprises. According to the organizers, ISC2014 has become the Internet security industry practitioners and entrepreneurs, security professionals, enterprises and institutions of information managers, network administrators and security technology enthusiasts to understand the security industry and technology trends, grasp the industry and technology direction, know the direction of the safety personnel needs, learn the platform of the latest technology and skills. (Itbear technology information)