I've seen tech companies who's developers and sysadmins have been trained (or beaten into a good posture) by pentesters as per industry trend only to be completely at loss when fraud hits. And if you follow the cyber advice and get a "BigData" "correlated event processing" and so on you still need a fraud team to build out your use cases and they will simply go "please-install-Silver-Tail-thank-you-very-much".
-- Konrads Smelkovs Applied IT sorcery. On 31 March 2015 at 14:30, John Strand <[email protected]> wrote: > Funny. > > No mention of compliance. > > It hit me about a week ago, fewer and fewer people are talking compliance. > > Fraud and Spook, are coming up a lot more. > > Are we growing - If just a little? > > John > > On Mon, Mar 30, 2015 at 5:24 PM, Anton Chuvakin <[email protected]> > wrote: > >> So far, I've shoved this most excellent post in quite a few faces .... >> and will shove in more :-) >> >> I often wonder whether those same people who equate infosec/"cyber" with >> fraud (and there are plenty, sadly - not on *this* enlightened list of >> course :-)) and thus want to "solve cyber", also want to "solve theft", >> "solve murder", "solve greed", etc, etc, etc. >> >> Ah, here goes one more: "... we don't need security, we don't handle >> credit card numbers here" .... >> >> >> On Sat, Mar 28, 2015 at 6:10 AM, Dave Aitel <[email protected]> wrote: >> >>> So much of security is driven by "fraud" and coming from a spook >>> background as many people on this list do, I find it annoying. >>> RSA-the-conference-and-meme is one of those markets that just baffles a >>> lot of people who come from the government space. How is any of that >>> stuff possibly worth so much money? >>> >>> "Fraud" is partially the answer I think. Things that come from the fraud >>> world are as alien to spook-world as a giant ant-eater is to North >>> America. At some level defeating Fraud is about hygiene, more than >>> security. It's about valuing information in fungible units defined by >>> "Credit Cards" or "Users" and not by "importance". >>> >>> But climates can change and we are at the cusp of that change. If you >>> look at how Google Wallet or ApplePay work, they have the major >>> advantage in that they already know what you want to buy before you buy >>> it, and they know where you are at all times, so fraud is going to get >>> exponentially more difficult. It may, in fact, become impossible. >>> Imagine if consumer Fraud went extinct? Is this harder to imagine than a >>> world without woolly mammoths? >>> >>> Companies have learned this year from Sony Pictures that protecting >>> yourself against nation-states is the difference between surviving and >>> not surviving, and that doing so requires a completely different >>> corporate design than they're used to. FraudWorld has been invaded by >>> SpookWorld. >>> >>> Good times! :) Of course, I can't end without saying that if you want to >>> see what the climate is going to look like, what the swamp creatures >>> about to invade tend to eat, then you have to come down to the >>> Everglades and see us at INFILTRATE. >>> >>> -dave >>> >>> >>> >>> _______________________________________________ >>> Dailydave mailing list >>> [email protected] >>> https://lists.immunityinc.com/mailman/listinfo/dailydave >>> >>> >> >> >> -- >> Dr. Anton Chuvakin >> Site: http://www.chuvakin.org >> Twitter: @anton_chuvakin <https://twitter.com/anton_chuvakin> >> Work: http://www.linkedin.com/in/chuvakin >> >> _______________________________________________ >> Dailydave mailing list >> [email protected] >> https://lists.immunityinc.com/mailman/listinfo/dailydave >> >> > > _______________________________________________ > Dailydave mailing list > [email protected] > https://lists.immunityinc.com/mailman/listinfo/dailydave > >
_______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
