What do you foresee as the next “great-awakening” for network security? Will it be a breach of the national power grid? Perhaps a horrible botnet, worm, or virus infestation/outbreak? What about a surge in browser threats for desktops or mobile phones? Maybe even a disclosed national security breach by a foreign power?
Please fill out the following survey (coordinated by Q1 Labs) to indicate what you think is next on the horizon – http://www.surveymonkey.com/s.aspx?sm=16FAHPNF3sHKXczECIGNaQ_3d_3d
While watching television this evening I noticed a tweet come across twhirl (my Twitter client of choice) from Thomas Ptacek exclaiming that
Defense in depth is one of the great bills of goods the security industry has sold IT.
and that he believes
in any “defense in depth” situation, there’s one defense that’s doing all the work, and the rest are superfluous.
Being a staunch supporter of a properly implemented defense-in-depth approach, I couldn’t help but jump in (as did Amrit Williams). Amrit made a very good point:
To say defense in depth isn’t required for an environment that has both fixed and mobile assets is bordering on ridiculous/irresponsible.
Which is completely true. Defense in depth, if properly planned and executed, only increases the security of your environment. Also, to be perfectly clear, when I say defense in depth I’m not only referring to a “product” but rather the combination of the right products, plans, policies, and people to secure the environment.
I then posed a question to Thomas:
Would you say that a sewer system is superfluous because the toilet is doing all of the work? What happens when the toilet overflows?
I agree, perhaps not the best analogy I could have come up with but I shot from the hip on this one (as I often do when using Twitter).
The bottom line is that claiming that defense in depth is superfluous because one defense is doing the work tells me that the strategy wasn’t planned well.
The Academy (http://www.theacademy.ca) officially launches its web site today, providing instructional videos for the information security community. For the first time ever, everyone from the average user to the most seasoned industry expert will be able to watch instructional videos on how to install popular products, address common configuration issues, and troubleshoot difficult problems. The Academy is a user-driven community and videos are created at the request of its members. Vendors can also leverage the site to showcase the features and capabilities of their products. The Academy is an ideal place to find and share knowledge with others practicing or interested in the information security field.
Yours truly will be contributing as many log-related videos as possible so that people understand how to properly make those crazy blinking boxes they have in their racks send logs.