[Dailydave] Drinking the Cool-aid

Alfonso De Gregorio adg at crypto.lo.gy
Sun Feb 23 19:58:23 EST 2014


On Sat, Feb 22, 2014 at 3:28 PM, Dave Aitel <dave at immunityinc.com> wrote:
...
>
> So one exercise I was going through in my head yesterday during this little mini-con is trying to figure out what the "Security Best Practices" were that would invalidate any given product category. These are usually pretty simple. Just as an example: Sniffing products are invalidated by proper network crypto, and scanners are invalidated by proper network segmentation, etc.
>
> Just something to think about in the product whirlyhaze that is RSA. It doesn't mean you shouldn't buy one of these product categories, but knowing where you are blind is a good thing, even if it sounds very negative for California.
>
> -dave


To paraphrase Peter G. Neumann: "In many networks, there are
unrecognized interdependencies among different security technologies
that hinder their functions."

Networks are often the result of successive technological layers. As
organizations take on new business, face new threats, reconsider
security notions (e.g., insider/outsider), or embrace "new" security
paradigms, more security products get deployed, adding complexity and
increasing the attack surface.

The picture that emerges resembles one big security contraption. It is
hard to tell to what extent it will work as intended.

Let us hope CISOs will resist the temptation to dogmatically adopt new
"best practices" or supplement the current patchwork with more
security technologies (e.g., blinded email gateways with EPPs, blinded
network sniffers with NGFWs).

Let us hope that the CISOs will more often exercise the rare virtue of
decommissioning.

The security aftermarket expo is about to start. Wishing you a great RSA week.

-- 
alfonso