BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Closing the Door on Hackers – from the New York Times

Posted April 5, 2013    Marc Maiffret

I recently had the pleasure of contributing an Op-Ed piece to The New York Times. In the article, I talk about some of the aspects of cyber-security that I think are far too-often left out of mainstream media discussions. Specifically, the shared burden that all of us in the technology industry should feel in helping educate and produce more secure software. This is not a trivial challenge, but something that is equally important for users at large to understand and think about just as often as they think about the next hyped up hacker group or China attack.

From IT administrators to software developers and more, the challenges faced in security are always evolving and it can be tiring to keep running this race. To those businesses that employ such people who strive every day to help build a more secure company, embrace those employees, rather than think of them as an annoyance or burden. Keep staying educated, keep raising the bar in a meaningful way beyond yet another signature update, and most importantly, don’t forget that as serious as some of the stakes are in security, don’t take it all so seriously, or your servers may never get out alive.

You can find the full article here –  http://www.nytimes.com/2013/04/05/opinion/closing-the-door-on-hackers.html?_r=0

 

NYT logo

Tags:
, , , ,

Leave a Reply

One Response to “Closing the Door on Hackers – from the New York Times”

  1. John

    It’s not news that the nature of hacking has changed. While hacking used to be the subject of movies, typically involving young kids, those kids have evolved. And they have made a choice to either work for good or for bad. Mr. Maiffret is an example of one who has chosen the good and has probably found it to be lucrative. I know of others that choose to do good without any personal benefit. Anonymous is an example of an organization that works for good or for bad, depending on a person’s perspective. If I were to be a victim, then I would clearly think badly of Anonymous. But when I see Anonymous challenging an “unfriendly”, even a nation state, then it’s a good thing. With recent events, some might even view Anonymous as being on par with nation states and conducting cyber warfare. But this is not the focus of the article.
    It seems Mr. Maiffret’s intent was to point out that there are vulnerabilities in software and there have been some champions who have tried and done well to reduce the vulnerabilities. Nevertheless, the problem persists. Companies and individuals that purchase software are apparently not doing their homework before making a purchase. If they did, investment and the free market might be effective means of driving the development of secure software. As it stands, it seems software is often pushed out the door with little concern for security.
    At the heart of the problem are the developers. Those that build insecure products either lack the pride or motivation to develop secure software or they are lacking an awareness of the need or the ability to address the need. Companies that push out software products should enlighten and motivate developers to incorporate security in their products. This is the challenge, albeit a small one, to companies. It would be a win-win- win situation where the developer, the company, and the purchaser all come out on top.

    April 10, 2013 2:18:36, Reply

Additional articles

Integrating Least Privilege and Password Management to Solve Account Security Challenges

Integrating Least Privilege and Password Management to Solve Account Security Challenges

Posted July 24, 2014    Morey Haber

There is a reason all BeyondTrust Privileged Account Management (PAM) solutions share the PowerBroker name: They all inherently enable you to reduce user-based risk and can be integrated under a centralized IT risk management platform. Here’s one common use case that demonstrates how this integration changes the playing field. Consider the challenge of privileged access:…

Tags:
, , , , ,
PowerBroker Password Safe Password Age Report

Reshaping Privileged Password Management with Password Safe 5.2

Posted July 21, 2014    Martin Cannard

Today, we’re pleased to unveil the latest edition of our privileged password management solution, PowerBroker Password Safe. I’ll start with a brief intro of what’s new and then tell you a little about the driving factors behind Password Safe development. New features for mitigating password risk and ensuring accountability enterprise-wide Here’s the 10,000-foot overview of…

Tags:
, , ,
PowerBroker for Windows tamper protection

PowerBroker for Windows 6.6 Tamper Protection

Posted July 18, 2014    Morey Haber

I have a bone to pick: Stopping an administrator from performing an action on a system is futile endeavor. As an administrator, there is always a way to circumvent a solution’s from tampered protection. Really! By default, Windows administrators have unrestricted access to the system – and even though an application, hardened configuration, or group policy…

Tags:
, ,