BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Closing the Door on Hackers – from the New York Times

Posted April 5, 2013    Marc Maiffret

I recently had the pleasure of contributing an Op-Ed piece to The New York Times. In the article, I talk about some of the aspects of cyber-security that I think are far too-often left out of mainstream media discussions. Specifically, the shared burden that all of us in the technology industry should feel in helping educate and produce more secure software. This is not a trivial challenge, but something that is equally important for users at large to understand and think about just as often as they think about the next hyped up hacker group or China attack.

From IT administrators to software developers and more, the challenges faced in security are always evolving and it can be tiring to keep running this race. To those businesses that employ such people who strive every day to help build a more secure company, embrace those employees, rather than think of them as an annoyance or burden. Keep staying educated, keep raising the bar in a meaningful way beyond yet another signature update, and most importantly, don’t forget that as serious as some of the stakes are in security, don’t take it all so seriously, or your servers may never get out alive.

You can find the full article here –  http://www.nytimes.com/2013/04/05/opinion/closing-the-door-on-hackers.html?_r=0

 

NYT logo

Tags:
, , , ,

Leave a Reply

One Response to “Closing the Door on Hackers – from the New York Times”

  1. John

    It’s not news that the nature of hacking has changed. While hacking used to be the subject of movies, typically involving young kids, those kids have evolved. And they have made a choice to either work for good or for bad. Mr. Maiffret is an example of one who has chosen the good and has probably found it to be lucrative. I know of others that choose to do good without any personal benefit. Anonymous is an example of an organization that works for good or for bad, depending on a person’s perspective. If I were to be a victim, then I would clearly think badly of Anonymous. But when I see Anonymous challenging an “unfriendly”, even a nation state, then it’s a good thing. With recent events, some might even view Anonymous as being on par with nation states and conducting cyber warfare. But this is not the focus of the article.
    It seems Mr. Maiffret’s intent was to point out that there are vulnerabilities in software and there have been some champions who have tried and done well to reduce the vulnerabilities. Nevertheless, the problem persists. Companies and individuals that purchase software are apparently not doing their homework before making a purchase. If they did, investment and the free market might be effective means of driving the development of secure software. As it stands, it seems software is often pushed out the door with little concern for security.
    At the heart of the problem are the developers. Those that build insecure products either lack the pride or motivation to develop secure software or they are lacking an awareness of the need or the ability to address the need. Companies that push out software products should enlighten and motivate developers to incorporate security in their products. This is the challenge, albeit a small one, to companies. It would be a win-win- win situation where the developer, the company, and the purchaser all come out on top.

    April 10, 2013 2:18:36, Reply

Additional articles

webinar1

On Demand Webinar: Advanced Windows Tracing

Posted April 17, 2015    BeyondTrust Software

Webinar: Security MVP, Paula Januszkiewicz, shows Windows administrators how to be more aware of what happens whenever somebody does something within the system.

Tags:
, ,
5

The Delicate Art of Remote Checks – A Glance Into MS15-034

Posted April 15, 2015    Bill Finlayson

Remote vulnerability detection – using ms15-034 as an example.

Tags:
, ,
databreach

2015 Verizon Data Breach Investigations Report: More End Users as Threats

Posted April 15, 2015    Scott Lang

The 2015 Verizon report says end users are the number one source of insider abuse incidents. Find out how to mitigate the risks.

Tags:
,