
Monday, 02 December 2013

Comments


All excellent points, Andre.

Let's look at these carefully:

1) Attackers build and test routinely and often. This rigor is not as widely adopted by infosec/IT.

2) Relying on "install, configure and forget" security technology is the antithesis of agility.

3) Relying on security technology excuses senior management from hiring analytical and insightful security professionals in sufficient numbers. We have some, but not nearly enough of these types of people.

Thanks for your comment!

That's an easy answer. Professionals are failing to integrate SOTA defenses and decision makers are failing to fund full integration with their PMOs.

Additionally, you must also consider that unwanted adversaries build and test their malware systems and subsystems early and often. If you don't have the same agility in your organization, then their R-squared beats yours each time. The `killav' command in Meterpreter comes to mind, but so do the Exchange Policy and AirWatch bypasses on iOS, especially when in combination with a faraday bag. Unwanted adversaries are analytic and highly insightful professionals, but information security types typically are not.
