The global cost of cybercrime is estimated at over US $100 billion per year, a financial impact that is comparable to major drug trafficking throughout the world. Accordingly the underground marketplace for vulnerabilities and compromised data is developed with powerful players backed by organized crime. These criminals seek accesses to financial systems, user data and anything that can be easily sold and converted to cash.
Despite these threats, the web continues to grow based on connecting individuals, knowledge, and by providing valuable services that operate on sensitive user information.
How do we reconcile an increasing threat that preys on the very information that is required for the growth of the web? How does an organization balance the challenges of innovation, speed, and cost versus the seemingly doomed approaches to security?
We must first understand the reality of our adversaries and the status quo of security defense. Then we can ask the hard questions and fundamentally change how we approach securing applications and data.