The interview includes his views on information security in the financial services industry, the trusted computing movement, emerging cyber threats and the way institutions should protect their expanding perimeters and his work on the advanced technologies for NIST.
Starnesâ€™ nearly 30 years in high technology with eight different startups has honed his view of information security. Currently heâ€™s the Chairman and Chief Executive Officer of SignaCert, and is focusing on commercial work in the trusted computing area. Heâ€™s also the cofounder of RAINS (Regional Alliances for Infrastructure and Network Security), a nonprofit public/private alliance formed to accelerate development, deployment and adoption of innovative technology for homeland security.
Prior to SignaCert, he was the Founder, President and CEO of Tripwire, Inc, a provider of change auditing software. Starnes is a member of the National Institute of Standards and Technology (NIST), Visiting Committee on Advanced Technologies (VCAT) and a member of the Oregon Executive Council of the American Electronics Association (AEA).Excerpt from podcast:
LINDA MCGLASSON: Are we in information security becoming too complacent? I mean, we have a lot of zero-day threats, hundred thousand node botnet sending us virus threats and all things like that, and those of us in information security, you know, look at the situation and think that this is normal operation procedure, are we too complacent?
WYATT STARNES: I think we are too complacent, and I actually think weâ€™ve been overly, sort of, complacent and self-secure, self-assured for actually quite some time. When you kind of zoom back and look at some of the physical threats in our world, specifically, the tragic events of September 11th, 2001, where we found we were dramatically exposed to physical harm within our own boundaries, I think in the cyber-security world, we havenâ€™t really seen our September 11th, 2001 yet. We are exposed. We continue to be exposed, and information technology is prospectively an important new attack vector for us in our industry and in our economy, and frankly, in our political system as well.