
SANS ISC: Are We Doomed? SANS ISC InfoSec Forums

Are We Doomed?

In no particular order:

We Are Doomed

  1. Bot networks seem to be growing in size.
  2. Many web developers don't understand XSS, CSRF and SQL injection-type vulnerabilities.
  3. Anti-virus vendors are starting to send signature updates several times per hour.
  4. It takes a reboot to update Adobe Acrobat and updating VMware Workstation requires a 330MB download.
  5. Criminals are becoming more aggressive about protecting their enterprises via DDoS.
  6. Targeted attacks easily bypass organizations' defenses.
  7. DNS remains a weak link.
  8. Passwords suck.
  9. Wi-Fi is becoming more common, even though securing it remains a challenge.

There is Hope

  1. Prescriptive compliance requirements (e.g., PCI DSS) are making it harder to ignore IT security.
  2. Security technologies are becoming smarter (e.g., web application firewalls).
  3. Anti-virus vendors are paying more attention to behavioral protection and performance.
  4. The community's expertise in analyzing malware is becoming more sophisticated.
  5. Search engines are starting to warn users about potentially malicious sites.
  6. Law enforcement seems to be getting better at catching alleged cyber-criminals.
  7. It may be getting harder to host malicious sites on a large scale.
  8. Running out of steam here... Is the "Doomed" column winning?

Any suggestions for the lists above? We'd love to hear them. It's probably easier to come up with the items for the "Doomed" column, but consider what we can build upon to tip the scales in the defenders' favor.

 -- Lenny

Lenny Zeltser
Security Consulting - SAVVIS, Inc.

Lenny teaches a SANS course on analyzing malware.
