Wetware

Previous page
Table of content
Next page

Finally, the topic we would all prefer to avoid: wetware, the carbon-silicon interface. It is well "known" in the security community (and the IT community in general) that it would be much simpler to run networks if we did not have to support all those users. Unfortunately, not only do the users pay our salaries, they are the reason we have the networks in the first place. Security in particular and IT in general are rarely profit centers in and of themselves. We exist to provide a service.

The people we provide that service to, the end users, are by far the biggest security problem today. As we discussed earlier, the attackers are now shifting their focus to the easy target-people. Forgetting that ultimately your people hold your security in their hands would be fatal. We, as an industry, need to start questioning the practices put in place many years ago and determine how best to work with people to get their help in protecting our networks.

Probably the most serious security issue you will need to deal with for the foreseeable future will be social engineering. We are getting relatively good at securing technology. We are not nearly as good at securing people. As the technology gets better and more secure, the attackers will not be going away. They will be shifting their tactics to the soft underbelly-the end user. We have seen it for years in mass mailing worms. We are now seeing botnets established by exploiting vulnerabilities in PDF readers, picture parsers, and just plain programs that people click on. The field is turning in a direction where the attackers will do whatever it takes to get in, and that means they will often go after people.

If you do only one thing for security this year, start a security awareness program for your co-workers, your organization, your family, your friends, and even the guy who asked you a computer question at the supermarket. You will have done something to address this problem. No single vendor owns that problem, nor does it really make sense for them to. We need to address this as a society. We need to teach society what real security looks like and how to spot fraud and security theater.


Previous page
Table of content
Next page
Windows Vista Security. Securing Vista Against Malicious Attacks
Windows Vista Security. Securing Vista Against Malicious Attacks
ISBN: 470101555
EAN: N/A
Year: 2004
Pages: 163
BUY ON AMAZON
Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project
Cisco IOS in a Nutshell (In a Nutshell (OReilly))
Persuasive Technology: Using Computers to Change What We Think and Do (Interactive Technologies)
Visual Studio Tools for Office(c) Using C# with Excel, Word, Outlook, and InfoPath
VBScript in a Nutshell, 2nd Edition
Digital Character Animation 3 (No. 3)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy