Kelly Martin, 2005-08-03
Blackhat is one of my favorite places to do some casual online banking over an insecure WiFi connection. Where's the risk, right? All joking aside, Blackhat is in fact a great place to do some deep thought on the current state of the security industry.
Security still underfunded
2005-08-04
Anonymous (1 replies)
Easier said than done: Hiring smart people. How can you tell if someone is smart? More importantly, how can HR or a non-security person (i.e. the employer) tell if someone is security-smart? Sadly, it's a herd mentality market when it comes to hiring security pros and often those that 'get it' lea...
Security still underfunded
2005-08-04
Don Parker (1 replies)
Why would a big name in the security field go work for an MS or Cisco? They already make a very handsome living, and are also their own boss. Were I given the choice of even more bucks, but work for a large company with questionable motives ref security, I would certainly stay put. Money isn't every...
Re: Security still underfunded
2005-08-05
Alexey Vesnin
Agreed. There are two different ways of security-working. First of 'em and SADLY a usual one - it's when you're working for money. They are everything for you and anything else is a side-effect. And second one is when you're living in your IT tasks, solving 'em and making the code and the system better. ...
Security still underfunded
2005-08-05
Todd Knarr (1 replies)
I'm not sure security is underfunded. I believe the money's there, it's just being misapplied. For example, we're spending huge amounts of money trying to patch up security problems in Windows (just look at how much is spent on anti-virus and filtering software alone, let alone in patching systems a...
Re: Security still underfunded
2005-08-11
SctySpc
Amen to that, need to spend more but more effectively. However, most companies do not do employee background checks prior to placing them in a position of access. Ethics and Trustworthiness are the key ingredients of character. Money and Recognition are still players in the retention of "high-quality...
Security still underfunded
2005-08-09
Trustifier
"There is no safe haven in the security world, only risk mitigation and one's hope for the best"
Security is so much more than a patched, virus free environment. The biggest breaches are now from insiders. How is the status quo dealing with that? How does one protect against a disgruntled employe...
Security still underfunded
2005-08-09
NDA_Compromised
After attending both BlackHat and Defcon conferences, taking into account all the various versions of the Mike Lynn/ISS/Cisco topic, no one has discussed the fact that Mike Lynn violated Non-Disclosure Agreements that he had signed with ISS when he joined. That alone is a major issue, how does an em...
Security still underfunded
2005-08-11
Anonymous
Great article Kelly.
To those who say that they wouldn't work for a company that offers more money, I say that they don't understand corporate mentality. Corporations would sell out their employees in a moment if it meant better returns for their shareholders. Wake up everyone, money talks. Hire...
Security will always be underfunded
2005-08-17
Anonymous
Security will be underfunded as long as there are editors who will buy a good scary story, and as long as there are vendors who can use FUD to sell products.
Not until serious security researchers apply the scientific method and successfully build predictive models of attack statistics will it be...

1. If it was IP (my belief), why did Cisco even acknowledge & offer some support? Based on the slide I've seen, he was clearly looking at co...