I attended Michael Gough and Ian Robertson’s training on
Friday, entitled “From Joe to Pro – Finding Malware in Your Environment,”
sponsored by our local ISSA Capital of Texas chapter, BSides Austin, Critical
Start and SourceFire. I know from previous
software employers who have paid ransoms
that there are dirty secrets called Shhh! in security. While it isn't publicized, companies pay handsome
ransoms to prevent discovered exploits from being made public. Government agencies do, too. In the case of software companies, it’s
self-preservation. In the case of government
agencies, it might be something tasty they want to let play out, for their own
reasons.
First, accolades to Michael and Ian for their service to the
security community. They’re active in
ISSA, InfraGard, ISACA and BSides. They
take time out of their busy days to share security intelligence and their
findings as security practitioners with the community. A great blog about security hunters versus
gatherers is here: http://hackerhurricane.blogspot.com/2013/11/like-natives-infosec-needs-to-become.html
Caveat, IMHO: grassroots security training, effective patch
management, compliance efforts and ongoing security monitoring using
conventional means might be called “gathering” - while not sexy, these measures can monitor or alert on many security issues without drama. That being said, compliance is, by its
nature, not very effective against dynamically changing security attacks.
For sure, malware writers have the attacker’s
advantage. They have test labs equipped
with available security software. They
are not inclined to release malware that won’t work against common
countermeasures. They choose when and
where to release their malware. Defenders are at a distinct disadvantage.
The training was great, and enjoyed by a full house of
security professionals! One of the many
perks of living in Austin is the community of security practitioners.