BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

September 11th – Lest We Forget.

Post by Marc Maiffret September 11, 2012

Today marks the 11 year anniversary of the “September 11th” attacks. It is on these days of remembrance that our memory serves as a tool to heal us, to free us from the emotional burdens that can keep us from moving forward. This happens not by allowing these memories to fade from our consciousness, but by the juxtaposition between our past and present as a way to learn how we might grow.

Often times when extreme tragedy strikes, we search for answers of why it happened and how it could have been prevented. Much debate is given to these topics as it relates to 9/11, but at the core of such discussions is the simplicity that evil can sometimes prevail and we must fight against complacency, at all costs, in order to keep a balance of good in this world.

I often think of the balance between evil and complacency in my own profession within the computer security industry. I say this not to build the importance of one’s life work vs. an incomparable tragedy, but rather as a parallel that I might take something from the events of 9/11 to put actions of good back into this world: to find my own meaning and sense of healing like many others whom lost a friend or loved one on 9/11 or the wars thereafter which are still fought even now.

You see, the business of security is one that is truly a fight against complacency. Security is an intricate dance of not simply the forces of good and evil but of both fear-mongering rhetoric and oft ignored warnings of real dangers. So much of what a security professional does is a process of filtering out the signal from the noise. It is no doubt a taxing effort day in and out to try to make sense of the events unfolding around us and make decisions that can be proactive in preventing future disasters.

I cannot speak to the events prior to 9/11 and what could have been prevented. I say this now, not as rhetoric, but based on a career having been hired to legitimately test and compromise the security of major corporations across all major sectors of industry within the United States: it is with unmistakable belief that societies built upon a technological dependence should heed a warning that we are simply waiting for our 9/11 moment where this machine comes to a halt. Not in terms of loss of life but that of a shock and awe technological failing that cuts to the very core of the culture and economy we continue to make our keeper.

Some would say that the deadlock in Washington affects all manner of policy decisions including those on cyber security. As with so many things in life we need not wait for Washington in order to move forward. As a collective of technologists, developers, security and IT professionals, researchers and most importantly Hackers in the original, un-bastardized, definition of the word, we have but a choice to wake up each day and continue to push this fight forward regardless of this race having no end.

To those in the United States government, military, and intelligence agencies who fight tirelessly every day for the good of humanity and not party politics: we thank you.

Stay relentless,
Marc Maiffret

Tags:
, , , , , , ,

Leave a Reply

Additional articles

BI-Qualys-Connector-IMG1

Getting More Value from QualysGuard Vulnerability Data with BeyondInsight v5.1

If your vulnerability assessment scans can’t produce meaningful and actionable reports, performing a scan does no good for anyone. If you’ve read my other blog posts, you know I have no qualms about stating that BeyondTrust provides the best vulnerability reporting in the industry. Ask your favorite analyst and they’ll tend to agree. Of course,…

Post by Morey Haber April 18, 2014
Tags:
, , , , , , , ,
insider-threat-fed

Mitigating Inside Threats to U.S. Federal IT Environments

Recent high-profile cases have increased the perceived risks that go along with disclosure and usage of confidential information. One of the most difficult security threats to mitigate is an attack from the inside. When an over-privileged user, such as an unhappy current or former employee, contractor, or consultant, begins navigating your network, how will you…

Post by BeyondTrust Software April 17, 2014
Tags:
, , , , ,

Are you a Target? Investigating Security Breaches with Kevin Johnson

Last week, over 1,000 IT security professionals watched as Kevin Johnson, CEO of Secure Ideas, presented his expert opinion on lessons learned from recent, high-profile retail breaches. Here’s a summary of key takeaways from the webcast plus an on-demand recording of the full, 60-minute presentation. Understanding the “why” behind attacks According to Kevin, the primary…

Post by Chris Burd April 17, 2014
Tags:
, , , , ,