There will never be “silence” in the information security world – nor should there be!
As the world at large reluctantly accepts that digital data flows are fast becoming as important as air (OK, that’s stretching the concept slightly, but it’s not completely outlandish), protection of those data flows becomes as important as protecting any other key to life. But every day new threats appear, new security challenges become apparent and our attempts to keep them at bay continue to look futile.
Today, news has surfaced of a Stuxnet clone that seems to expose links to the now infamous malware that affected SCADA industrial control systems – how long it has existed, and whether there is evidence of compromise, is unknown. IBM researchers have discovered increased coverage of the mobile banking malware Marcher, thus increasing the target landscape of unsuspecting mobile users who may succumb to fictitious notification of funds availability. And the ever-present curse of zero day is again top of mind, with Trustwave researchers highlighting that as many as 1.5 billion unpatched devices may be vulnerable to a recently discovered Microsoft exploit.
I have highlighted just a few of the ongoing public announcements of security threat and compromise; a full chronicle would be never-ending, as new information appears in real time, minute by minute. Emotionally, some may deem defence against attack a battle that cannot be won, with strong evidence to support the point, but that is potentially an oversimplification. Fundamental security principles and good practice, no different from those applied in non-information technology arenas, will help thwart attacks, increase awareness and visibility of an attack in progress and accelerate remediation after attack (plus signpost future steps to realise better defence).
I started this outline with the view that there will never be “silence” in the security world and, for me, long may that continue. Both users and organisations should adopt a state of ongoing vigilance and zero complacency, and never believe the security problem is solved or the battle won. Getting the basics right, improving understanding of known good states, increasing visibility and measurement of changes of state from known states (or highlighting unknown or inconsistent states) and taking a pragmatic approach to defence based on prioritisation of the “noise” beyond the silence will help to drive positive security solutions rather than signify problems.
Want to know more? Keen to rethink security? Visit the Computacenter team at Infosec Europe at Olympia London from Tuesday 7th June to Thursday 9th June, stand #E295. We look forward to hosting you and will have a team of business- and technology-aware security specialists available to discuss security impacts – your way. I hope to see you there.
Until Infosec at Olympia
Chief Technologist: Networking, Security and Collaboration