BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Closing the Door on Hackers – from the New York Times

Posted April 5, 2013    Marc Maiffret

I recently had the pleasure of contributing an Op-Ed piece to The New York Times. In the article, I talk about some of the aspects of cyber-security that I think are far too-often left out of mainstream media discussions. Specifically, the shared burden that all of us in the technology industry should feel in helping educate and produce more secure software. This is not a trivial challenge, but something that is equally important for users at large to understand and think about just as often as they think about the next hyped up hacker group or China attack.

From IT administrators to software developers and more, the challenges faced in security are always evolving and it can be tiring to keep running this race. To those businesses that employ such people who strive every day to help build a more secure company, embrace those employees, rather than think of them as an annoyance or burden. Keep staying educated, keep raising the bar in a meaningful way beyond yet another signature update, and most importantly, don’t forget that as serious as some of the stakes are in security, don’t take it all so seriously, or your servers may never get out alive.

You can find the full article here –  http://www.nytimes.com/2013/04/05/opinion/closing-the-door-on-hackers.html?_r=0

 

NYT logo

Tags:
, , , ,

Leave a Reply

One Response to “Closing the Door on Hackers – from the New York Times”

  1. John

    It’s not news that the nature of hacking has changed. While hacking used to be the subject of movies, typically involving young kids, those kids have evolved. And they have made a choice to either work for good or for bad. Mr. Maiffret is an example of one who has chosen the good and has probably found it to be lucrative. I know of others that choose to do good without any personal benefit. Anonymous is an example of an organization that works for good or for bad, depending on a person’s perspective. If I were to be a victim, then I would clearly think badly of Anonymous. But when I see Anonymous challenging an “unfriendly”, even a nation state, then it’s a good thing. With recent events, some might even view Anonymous as being on par with nation states and conducting cyber warfare. But this is not the focus of the article.
    It seems Mr. Maiffret’s intent was to point out that there are vulnerabilities in software and there have been some champions who have tried and done well to reduce the vulnerabilities. Nevertheless, the problem persists. Companies and individuals that purchase software are apparently not doing their homework before making a purchase. If they did, investment and the free market might be effective means of driving the development of secure software. As it stands, it seems software is often pushed out the door with little concern for security.
    At the heart of the problem are the developers. Those that build insecure products either lack the pride or motivation to develop secure software or they are lacking an awareness of the need or the ability to address the need. Companies that push out software products should enlighten and motivate developers to incorporate security in their products. This is the challenge, albeit a small one, to companies. It would be a win-win- win situation where the developer, the company, and the purchaser all come out on top.

    April 10, 2013 2:18:36, Reply

Additional articles

ovum-research

New Analyst SWOT Assessment Identifies Key Strengths of PowerBroker

Posted November 24, 2014    Scott Lang

Following on the heels of the Gartner PAM market guide and Frost & Sullivan review of Password Safe comes a new analyst review of our BeyondInsight and PowerBroker platforms, a SWOT assessment of BeyondTrust written by Ovum. Ovum’s honest and thorough review of BeyondTrust indicates that we are delivering, “…an integrated, one-stop approach to PAM….

Tags:
, , ,

Patented Windows privilege management brings you unmatched benefits

Posted November 24, 2014    Scott Lang

We are pleased to announce that BeyondTrust has been granted a new U.S. Patent (No. 8,850,549) for privilege management, validating our approach to helping our customers achieve least privilege in Windows environments. The methods and systems that we employ for controlling access to resources and privileges per process are unique to BeyondTrust PowerBroker for Windows….

Tags:
6

A Quick Look at MS14-068

Posted November 20, 2014    BeyondTrust Research Team

Microsoft recently released an out of band patch for Kerberos.  Taking a look at the Microsoft security bulletin, it seems like there is some kind of issue with Kerberos signatures related to tickets. Further information is available in the Microsoft SRD Blogpost So it looks like there is an issue with PAC signatures.  But what…

Tags:
, , , ,