Don't overlook preventive measures, expert warns

Featured eBooks
Next-Generation Computing
Read Now

Space Tech

Read Now

Cyber Workforce

Read Now
Insights & Reports
Data Storage To Meet Every Need, All Powered By ONTAP
Presented By TD SYNNEX
Download Now
Strengthening Government Resilience: Securing the Future of the Federal Workforce
Presented By Cornerstone OnDemand
Download Now
By Brian Robinson

By Brian Robinson

|

Patrick McBride, chief technology officer and co-founder of META Security Group, thinks the government and industry are in danger of missing the forest for the trees if a cybersecurity early warning system focuses only on potential threats.

Related Links

Looking for trouble

Patrick McBride, chief technology officer and co-founder of META Security Group, thinks the government and industry are in danger of missing the forest for the trees if a cybersecurity early warning system focuses only on potential threats.

"Knowing a threat could be coming is important," he said, "But it's much more important for organizations to prioritize fixes and patches for vulnerabilities" beforehand.

People continually overspend on security threats and underspend on vulnerability assessments and patching, he said. So, if a public/private system is eventually built, sharing data on vulnerabilities could prove far more important than sharing information on threats.

"Assuming I know about vulnerabilities in my systems and have the information available to fix them," McBride said, "then there's an added value on the threat side where I can link those threats more precisely to the kinds of vulnerabilities they can exploit and fix the most important systems first."

In the end, he said, fixing vulnerabilities is where people will always get "the best bang for the buck."

NEXT STORY: NASA sets Web mark