BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

September 11th – Lest We Forget.

Posted September 11, 2012    Marc Maiffret

Today marks the 11 year anniversary of the “September 11th” attacks. It is on these days of remembrance that our memory serves as a tool to heal us, to free us from the emotional burdens that can keep us from moving forward. This happens not by allowing these memories to fade from our consciousness, but by the juxtaposition between our past and present as a way to learn how we might grow.

Often times when extreme tragedy strikes, we search for answers of why it happened and how it could have been prevented. Much debate is given to these topics as it relates to 9/11, but at the core of such discussions is the simplicity that evil can sometimes prevail and we must fight against complacency, at all costs, in order to keep a balance of good in this world.

I often think of the balance between evil and complacency in my own profession within the computer security industry. I say this not to build the importance of one’s life work vs. an incomparable tragedy, but rather as a parallel that I might take something from the events of 9/11 to put actions of good back into this world: to find my own meaning and sense of healing like many others whom lost a friend or loved one on 9/11 or the wars thereafter which are still fought even now.

You see, the business of security is one that is truly a fight against complacency. Security is an intricate dance of not simply the forces of good and evil but of both fear-mongering rhetoric and oft ignored warnings of real dangers. So much of what a security professional does is a process of filtering out the signal from the noise. It is no doubt a taxing effort day in and out to try to make sense of the events unfolding around us and make decisions that can be proactive in preventing future disasters.

I cannot speak to the events prior to 9/11 and what could have been prevented. I say this now, not as rhetoric, but based on a career having been hired to legitimately test and compromise the security of major corporations across all major sectors of industry within the United States: it is with unmistakable belief that societies built upon a technological dependence should heed a warning that we are simply waiting for our 9/11 moment where this machine comes to a halt. Not in terms of loss of life but that of a shock and awe technological failing that cuts to the very core of the culture and economy we continue to make our keeper.

Some would say that the deadlock in Washington affects all manner of policy decisions including those on cyber security. As with so many things in life we need not wait for Washington in order to move forward. As a collective of technologists, developers, security and IT professionals, researchers and most importantly Hackers in the original, un-bastardized, definition of the word, we have but a choice to wake up each day and continue to push this fight forward regardless of this race having no end.

To those in the United States government, military, and intelligence agencies who fight tirelessly every day for the good of humanity and not party politics: we thank you.

Stay relentless,
Marc Maiffret

Tags:
, , , , , , ,

Leave a Reply

Additional articles

powerbroker-for-mac-diagram-small

PowerBroker for Mac: A Least-Privileged Apple a Day…

Posted July 27, 2015    Jason Silva

BeyondTrust PowerBroker for Mac reduces the risk of privilege misuse by enabling standard users on Mac OS X to perform administrative tasks successfully without entering elevated credentials.

Tags:
, ,
PrivilegedAccountManagement

On Demand Webinar – Now is the time for Privileged Account Management

Posted July 24, 2015    BeyondTrust Software

In this webinar, SANS Instructor and Founder of Voodoo Security, Dave Shackleford, will revisit several hacking and breach scenarios that involved privileged accounts, and use these as examples while discussing tools and tactics to get this problem under control once and for all.

Tags:
, ,
dave-shackleford-headshot

Privileged Account Management: The Time is Now

Posted July 22, 2015    Dave Shackleford

There’s plenty of problems we don’t have great options for in InfoSec today. Malware is a pain point that keeps evolving rapidly. 0-day exploits are tough to prepare for. Privileged account management? We got this. We know the root causes, we know how it manifests, we know how to get it under control effectively, and there are great technology solutions that are enterprise-class.

Tags:
, ,