On Sat, Feb 22, 2014 at 3:28 PM, Dave Aitel <[email protected]> wrote:
...
> So one exercise I was going through in my head yesterday during this little
> mini-con is trying to figure out what the "Security Best Practices" were that
> would invalidate any given product category. These are usually pretty simple.
> Just as an example: Sniffing products are invalidated by proper network
> crypto, and scanners are invalidated by proper network segmentation, etc.
>
> Just something to think about in the product whirlyhaze that is RSA. It
> doesn't mean you shouldn't buy one of these product categories, but knowing
> where you are blind is a good thing, even if it sounds very negative for
> California.
>
> -dave
To paraphrase Peter G. Neumann: "In many networks, there are unrecognized interdependencies among different security technologies that hinder their functions."

Networks are often the result of successive technological layers. As organizations take on new business, face new threats, reconsider security notions (e.g., insider/outsider), or embrace "new" security paradigms, more security products get deployed, adding complexity and increasing the attack surface. The picture that emerges resembles one big security contraption. It is hard to tell to what extent it will work as intended.

Let us hope CISOs will resist the temptation to dogmatically adopt new "best practices" or supplement the current patchwork with more security technologies (e.g., blinded email gateways with EPPs, blinded network sniffers with NGFWs). Let us hope that the CISOs will exercise more often the rare virtue of decommissioning.

The security aftermarket expo is about to start. Wishing you a great RSA week.

-- alfonso
