How many times in your career have you heard there are no silver bullets? I'm sure it's been quite a few times and then some. It definitely needs to be a part of your infosec mantra to ensure people don't have a false sense of security. It should be well ingrained that [AV, FIREWALLS, IPS, PROXIES, *] don't stop sophisticated attackers. They are at best a speed bump in the road.
So what is the point of this post? I've noticed a disturbing trend in the industry of knowledgeable individuals going to the opposite end of the spectrum. Instead of taking a practical approach, they shoot down any security control based on its flaws. One of my favorite quotes illustrates this perfectly.
Narrator: Tyler, you are by far the most interesting single-serving friend I've ever met... see I have this thing: everything on a plane is single-serving...
Tyler Durden: Oh I get it, it's very clever.
Narrator: Thank you.
Tyler Durden: How's that working out for you?
Narrator: What?
Tyler Durden: Being clever.
Narrator: Great.
Tyler Durden: Keep it up then... Right up.
Some people are just a little too clever for their own good. They routinely dismiss proposed security solutions as having flaws and not worth pursuing. News flash: short of unplugging the power or pulling the network cable, all solutions have vulnerabilities to a certain degree. Doing nothing isn't an option. Accepting the status quo is a defeatist attitude in this little thing we call "cyber conflict". Yes, that's right, I used the word cyber, deal with it. APT is in your house stealing your stuff. Ask yourself this: do you go to a gun fight with a knife? No, you want a gun, preferably with some ammunition. In this case, the ammunition is your defense in depth. Yes, it most notably depends on people and process, but security tools play a big factor. While in this allegorical gunfight the adversary has an AK-47 with a banana clip, you should at least show up with a Glock-22 loaded with a few rounds of .40 S&W. Yes, more times than not we will lose, but making the adversary duck, dodge, displace, and slow down is worth the effort. Who knows, you might even win some of those battles and eject them from your network like a spent cartridge.