BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

September 11th – Lest We Forget.

Post by Marc Maiffret September 11, 2012

Today marks the 11 year anniversary of the “September 11th” attacks. It is on these days of remembrance that our memory serves as a tool to heal us, to free us from the emotional burdens that can keep us from moving forward. This happens not by allowing these memories to fade from our consciousness, but by the juxtaposition between our past and present as a way to learn how we might grow.

Often times when extreme tragedy strikes, we search for answers of why it happened and how it could have been prevented. Much debate is given to these topics as it relates to 9/11, but at the core of such discussions is the simplicity that evil can sometimes prevail and we must fight against complacency, at all costs, in order to keep a balance of good in this world.

I often think of the balance between evil and complacency in my own profession within the computer security industry. I say this not to build the importance of one’s life work vs. an incomparable tragedy, but rather as a parallel that I might take something from the events of 9/11 to put actions of good back into this world: to find my own meaning and sense of healing like many others whom lost a friend or loved one on 9/11 or the wars thereafter which are still fought even now.

You see, the business of security is one that is truly a fight against complacency. Security is an intricate dance of not simply the forces of good and evil but of both fear-mongering rhetoric and oft ignored warnings of real dangers. So much of what a security professional does is a process of filtering out the signal from the noise. It is no doubt a taxing effort day in and out to try to make sense of the events unfolding around us and make decisions that can be proactive in preventing future disasters.

I cannot speak to the events prior to 9/11 and what could have been prevented. I say this now, not as rhetoric, but based on a career having been hired to legitimately test and compromise the security of major corporations across all major sectors of industry within the United States: it is with unmistakable belief that societies built upon a technological dependence should heed a warning that we are simply waiting for our 9/11 moment where this machine comes to a halt. Not in terms of loss of life but that of a shock and awe technological failing that cuts to the very core of the culture and economy we continue to make our keeper.

Some would say that the deadlock in Washington affects all manner of policy decisions including those on cyber security. As with so many things in life we need not wait for Washington in order to move forward. As a collective of technologists, developers, security and IT professionals, researchers and most importantly Hackers in the original, un-bastardized, definition of the word, we have but a choice to wake up each day and continue to push this fight forward regardless of this race having no end.

To those in the United States government, military, and intelligence agencies who fight tirelessly every day for the good of humanity and not party politics: we thank you.

Stay relentless,
Marc Maiffret

Tags:
, , , , , , ,

Leave a Reply

Additional articles

April VEF Participant Wins a Apple iPad mini

Every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization and a way to…

Post by Qui Cao April 24, 2014
smart rules manager for vulnerabilities - v2

A New Way of Looking at Vulnerabilities in Your Environment

Assets, users, vulnerabilities and exploits; all are common themes in my posts on BeyondInsight. With BeyondInsight v5.1, we unveiled a new way to view exploitable assets. Sure, most vulnerability management solutions link vulnerability data to exploit information, allowing tools like NeXpose and QualysGuard to list an asset, its vulnerabilities, and any related exploits. BeyondInsight does…

Post by Morey Haber April 23, 2014
Tags:
, , , , ,
smart rules manager for vulnerabilities

Staying on Top of the Latest Vulnerabilities with BeyondInsight v5.1

It’s no secret that dozens of new OS and application vulnerabilities are revealed every day. Staying on top of these new exposures normally requires paying for services or subscribing to multiple RSS feeds. BeyondInsight 5.1 provides customers with another option: a built-in, customizable vulnerability alerting system that delivers up-to-date information on the latest vulnerabilities in…

Post by Morey Haber April 21, 2014
Tags:
, , , , , ,