Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Silver lining for IT security staff?

leave a comment »

Tim Watson, vnunet.com 26 Feb 2009

I’m not a fan of zombie films, or of horror films in general. It’s the waiting I can’t stand, the interminable suspense. Perhaps it’s a professional aversion.

For anyone involved in the computer security industry, waiting for bad things to happen is what we do. We lock the doors, block the windows and keep a careful eye on the open fireplace, while all around, outside, the hordes of zombies mass.

The organisations we work for see us as killjoys, as nerdy Cassandras. While they carry on oblivious, we’re tugging at their sleeves and pointing out the imminent doom. For years we kept telling them, and now they see that we were right.

Well, OK, it wasn’t quite the apocalypse that we were expecting. While we were watching the network logs and applying software patches, some clowns in the banking industry destroyed our economy. Let’s just say that we were right in principle.

So the financial world is in meltdown, companies are shrinking and folding, and security is on everyone’s mind. Is it all going to be over by Christmas? Are we at the beginning of the second Great Depression? And what of the computer security industry? Will it be boom or bust for those charged with manning the barricades? It goes against my better professional judgement but, as far as the future is concerned, I’m reasonably optimistic.

The rest HERE

Ehhh, I am not so much an optimist on this. You see, people as a species are rather poor at determining danger other than the short term “fight or flight” danger it seems from my observations. The whole arena of information security has been a sore point on this issue because so few get it and really try to enforce it. Never mind the fact that many companies and people running them usually cut security right off the bat as a cost center despite the fact it is necessary.

Then we have the problem of lack of understanding, which also breeds laziness and lacksadazical atitudes toward the technology and its protection.. Ya know, like the popularity of “1234” as their master password *shudder* So yeah, I really have very little faith in people, ok, “management” doing the right thing where security is concerned.

So now we are in the recession of a century and this guy thinks that security won’t take the hit? The only way I see that happening is if the regulation happens that I hope will come from the Obama administration. So do I think this is likely to happen? Well, I say it’s about a 40% chance of happening… Heh, maybe I am being too optimistic there huh? We shall see.

Anyway, with all the experience I have had in the infosec sphere, I have very little hope that the right thing will be done. Meanwhile the economy will collapse around us, data will be lost and or stolen in even greater quantities, and Rome will burn as the people fiddle with their iPhones…. Yay!
I could be wrong though…

Written by Krypt3ia

2009/02/27 at 01:01

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: