On Wed, Mar 23, 2011 at 12:17 PM, Michal Zalewski <[email protected]>wrote: > > The real tragedy of infosec is that we simply don't have the tools to > secure large and complex organizations particularly well - not against > governments, but against bored kids with an agenda. Security vendors > are partly to blame for perpetuating a myth that a secure organization > can be built on top of the commercial AV or IDS tools that said > vendors happen offer. It does not come as a surprise that this model > does not work well, and "the world of cyber" has very little to do > with it.
>From my POV, much of this has to do with most models of infosec rely on the concept of "you don't have to run faster then the bear, you just have to run faster then the guy next to you". That model may work against opportunistic criminals that are looking for a good ROI and have no interest in targeting a specific target, but rather is more focused on obtaining assets with no concern where those assets come from. But what do you do when the bear decides you are the pretty one? Very few programs are built to sustain a targeted attack by any adversary. And the more determined and funded that adversary is, the worse for the defender. This might be a kid at home, or a state sponsored "cyber solider". Does not really matter. Could unemployment checks to a disgruntled former employee be considered funding? It seems like the a lot of more modern defensive models are more similar to retail's loss management programs then anything else. Yeah you will get shoplifting, but lets just try to make it the stuff that is not that big of deal. Make the important products better protected, and budget for the shrink that is sure to happen. Jim
_______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
