Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Experts: Application Security Is Key to Back-End Data Protection

NEW YORK --- Firms need to shift their focus from network to software security, particularly for source code and Web-based applications, if they want to protect their data and avoid an embarrassing data breach. This was the warning from users and security experts at an event examining cybercrime here last night.

"You realize that we will have to start using different tools to battle the enemy," warned Ted Schlein, a partner at venture firm Kleiner Perkins Caufield & Byers, during a panel discussion. "It's not your networking guys that can solve this problem, [you need to] get your engineers involved -- this whole approach could save your back-end storage."

With most firms lavishing resources on perimeter security over the last few years, hackers are increasingly targeting vulnerabilities in Web-based applications as a way to steal sensitive data on databases and back-end storage systems, according to the V.C.

"Data losses cost this country $180 billion to $200 billion a year," he told Byte & Switch, explaining that perimeter security measures such as firewalls are effectively bypassed by cyber-criminals. "It's a different set of rules and infrastructure -- corporate IT has not kept up with that [threat] because security is in the hands of the network operations people."

The New York-based Depository Trust and Clearing Corporation (DTCC), which provides clearing and settlement services for the financial sector, is already taking steps to address this challenge.

  • 1