• “Business now relies on information infrastructures that are interlinked and interdependent… The way in which these hidden interdependencies pervade our everyday lives is staggering and, in some cases, may go unchecked for many years until an incident occurs that revels the true nature of the interdependences' impact.”

    The British Government’s Technology Strategy Board, 2008
  • "There is a good chance that large quantum computers can be built within the next 20 years.  This would be a nightmare for IT security if there are no fully developed, implemented, and standardized post-quantum signature schemes."

    Prof. Johannes Buchmann, et al, “Post-Quantum Signatures”, Oct 2004, Technische Universität Darmstadt

  • "Today’s systems must anticipate future attacks. Any comprehensive system – whether for authenticated communications, secure data storage, or electronic commerce – is likely to remain in use for five years or more. It must be able to withstand the future: smarter attackers, more computational power, and greater incentives to subvert a widespread system. There won’t be time to upgrade it in the field."

    Bruce Schneier, "Why Cryptography Is Harder Than It Looks", 1997
  • "Some physicists predicted that within the next 10 to 20 years quantum computers will be built that are sufficiently powerful to implement Shor’s ideas and to break all existing public key schemes. Thus we need to look ahead to a future of quantum computers, and we need to prepare the cryptographic world for that future.

    Prof Seth Lloyd of MIT, MIT Review 2008

  • "The future ability of quantum computers might be a decade or two away, their future ability to break public-key cryptography has important implications for the encryption of highly sensitive information today. For these applications, we must already design new public-key cryptosystems and one-way functions that are immune to quantum cryptanalysis."

    ARDA, Report of the Quantum Information Science and Technology Experts Panel, 2004

  • “Consider the use of smart cards ... for especially critical functions.  Although more costly than software, when properly implemented the assurance gain is great.  The form-factor is not as important as the existence of an isolated processor and address space for assured operations – an ‘Island of Security,’ if you will.  Such devices can communicate with each other through secure protocols and provide a web of security connecting secure nodes located across a sea of insecurity in the global net.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008

  • “When will we be secure? Nobody knows for sure – but it cannot happen before commercial security products and services possess not only enough functionality to satisfy customers’ stated needs, but also sufficient assurance of quality, reliability, safety, and appropriateness for use. Such assurances are lacking in most of today’s commercial security products and services.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", 2005

  • "First and foremost, there is no proper excuse for continued use of a broken cryptographic primitive (MD5) when sufficiently strong alternatives are readily available, for example SHA-2. Secondly, there is no substitute for security awareness." ... "Advice from experts should be taken seriously and early in the process. In this case, MD5 should have been phased out soon after 2004."

    Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Wegerr, "MD5 considered harmful today - Creating a rogue CA certificate", December 2008
  • “Given today’s common hardware and software architectural paradigms, operating systems security is a major primitive for secure systems – you will not succeed without it. This area is so important that it needs all the emphasis it can get. It is the current ‘black hole’ of security.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008

  • Build-in Security: Ensure that security is considered and built into the design of new infrastructure, so that our critical assets are protected from the start and more resilient to naturally-occurring and deliberate threats throughout their life-cycle."

    Obama-Biden Plan, Agenda: Homeland Security, December 2008

  • “The more complex the threats become, the more you have to do the basics and groundwork really well. Staying aware and on top of new vulnerabilities and ensuring that patches and software updates are rapidly implemented is crucial.”

    Jeff Shipley, Cisco Intelligence Collection Manager, Cisco 2008 Annual Security Report

Resources Expert Opinions Information assurance quote: Jeff Shipley, The more complex the threats become, the more you have to do the basics and ground work really well

quote: Jeff Shipley, The more complex the threats become, the more you have to do the basics and ground work really well

The more complex the threats become, the more you have to do the basics and groundwork really well. Staying aware and on top of new vulnerabilities and ensuring that patches and software updates are rapidly implemented is crucial.

Jeff Shipley, Cisco Intelligence Collection Manager, Cisco 2008 Annual Security Report

 
This website uses cookies to manage authentication, navigation, and to provide you with a better and more personal service. By continuing to use this website, you are consenting to this use. Find out more here.
Synaptic Laboratories Limited: Technologies For A Safe and Secure High Performance Computing and Communications Ecosystem.

 

Related Items