Tuesday, November 30, 2010

Are the Threats Really Different?

I am currently watching a webinar about the current Internet threats. One thing that immediately jumps out to me is that it doesn't really seem all that different, just more of the same. We aren't watching actions on the systems with sensitive data sufficiently.

Everyone still wants a silver bullet, a single chokepoint where we can put defenses and relax. While this would be a great thing to have, it doesn't exist and we need to clue in and realize that.

This truth has been around for a long time, we are just now realizing it. It is quite common to hear "perimeter defense doesn't work anymore," but I am not sure it ever really did. It just blocked some low-level threats, which "worked" without really solving the problem. The low-hanging fruit is always going to be the simplest and easiest. What we consider "low-hanging" varies over time. Thus we will always be strengthening things, but it ultimately comes back to the same thing: Protecting systems with access to sensitive data. The methods will get better over time, Avoid mere vendor hype, realize this is a fact of our lives in the information security field.

No comments: