Friday, March 18, 2011

Security Firm RSA got hacked...what does that mean to the rest of us?

By now anyone following information security must have heard about the RSA hack. If not, go and google it for details. What exactly happened is not clear; RSA is talking about some sophisticated attack, but I guess they would say that no matter what. It doesn't really matter.

So what does that mean to the rest of us:
  • Whether you get hacked or not seems to be only a function of whether you are an attractive target. All other variables (attack vectors, risk, vulnerability...) seem to be just noise. It comes down to incentives and economics.
  • I still meet too many people whose eyes sparkle when they get the chance to talk about the latest security tools they implemented. Typically those start to fall apart a few months after the implementation. But the lesson here is that as much as you depend on security tools, they are only as good as the people who designed them, the implementation, and the maintenance. Additionally, they can also be your Achilles heel: besides the complexity they add, every now and then we find security tools that can themselves be exploited.
  • Instead of running after the latest security hype, make sure you cover the basics: least privilege, segregation of duties, change management, zoning, incident response, risk management, recovery, patch management, awareness, social engineering, default deny, defense in depth...
And this concludes my first post.

