[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4146F464.6070201@sdf.lonestar.org>
From: bkfsec at sdf.lonestar.org (Barry Fitzgerald)
Subject: Where is security industry gng??
Geoff Shively wrote:
>Think about it this way, security was once focused on simple solutions
>to solve problems (network architecture with security in mind, device/OS
>hardening, etc).
>
>Let us recap the history of the industry so that I can set the stage for
>where I think it is headed.
>
>In the last 5-7 years the security problem has grown complex and sheer
>number of threats have skyrocketed, which brought to life an industry of
>complex solutions to a combat a complex problem. IMHO, the wrong way to
>deal with the problem.
>
>
>
Well, I'm not going to decry IDS -- IDS can be a very useful portion of
a network security plan.
The problem with IDS was always that people perceived IDS as being a
magic box that automatically and exclusively detects intrusions. Anyone
who's ever worked with an IDS knows that that couldn't be further from
the truth. However, that does not invalidate the data from the IDS. A
properly tuned IDS can be very useful.
Having said that, you're entirely right. There needs to be a renewed
focus on host-based security and hardening.
I liken it to this physical analogy (don't you love them? :) ):
Let's say that you have a stove that is necessary for business
and on some types of this model of stove, there's a bad part that
continually causes the thing to burst into flames and burn your business
to the ground. A solution is needed, right? Well, there's two
solutions: fix the part or build a high-tech fire suppressing system.
Prediction: most businesses will go with the fire suppression system.
To people like us, the answer is obvious: fix the bloody part and the
fires will stop occurring!
But to people who don't know any better or who have a vested interest in
the use of that part, the fire suppression system is new, high-tech,
brag-worthy, and solves the problem to their satisfaction. It doesn't
matter that it's not the right answer. It doesn't matter that it
doesn't actually solve the problem. It's shiny and highly visible.
We could probably advocate the right solution until the end of the day,
but the sad fact of the matter is that it probably wouldn't matter in
the end.
So, where is the security industry going? Well, who wants to buy a fire
suppression system? :)
-Barry
p.s. Another physical anaology: browsing the web with IE is like doing
a brothel tour of amsterdam without a condom. I love using that one. :)
Powered by blists - more mailing lists