The security industry is sort of like the Band-Aid industry. We apply better, faster, bigger Band Aids… But we re not really fixing the patient.
— Jeff Moss, a former hacker who now advises the Department of Homeland Security. He and other experts tell the Wall Street Journal that the reasons for the security industry s shortcomings include having to deal with lots of commercial software full of flaws, as well as competitiveness in the computer security industry that keeps companies from recommending others products as part of a more comprehensive solution.
The security industry is failing, Amit Yoran, president of EMC s RSA unit, tells Fortune in a sneak preview of the keynote address he was scheduled to give at the RSA security conference in San Francisco this morning.
Fortune notes that by one count, there were 738 data breaches last year, a 25 percent increase over the previous year.
Yoran warns of a catastrophic situation for technology in general if the security industry doesn t get it together, and says what s key is understanding the extent of a compromise before rushing to release fixes.
Yoran also told the WSJ that he planned to announce ways for customers to use a mobile app to confirm their identity using fingerprints or facial recognition.
The RSA Conference runs through Friday.
Photo from Associated Press
