We need more security intelligence

By Mike Rothman, Network World, 08/28/2006
Denise Dubie

If there is one lesson we should learn from the big win over the liqui-bombers in the United Kingdom, it is the importance of intelligence. Not only did the authorities take some dangerous folks out of the mix, but the definitive proof of the plan made such drastic restrictions on liquids acceptable to a skeptical public. Terrorists can attack hundreds of thousands of targets, so how do you know which ones to focus on and protect more aggressively? In one word: intelligence.

Security folk spend an awful lot of time researching what things are broken, and much less time figuring out which of those broken things are going to be used to compromise machines. Everyone goes to a show like Black Hat and gets all fired up about how cool it is to break things. That's called research.

As we've seen with all the focus around the wireless exploits and virtual machine rootkits, just because something is vulnerable doesn't mean an attack is going to be launched imminently. Security research is an important part of the process, and I respect those who spend their time figuring out what is broken and work with the vendors at risk to fix it.

But I also want to call out all of the security intelligence types who do the yeoman's work of trying to figure out what the bad guys are going to do next. How did we know that Microsoft's recent high-profile patch (MS06-040) was being exploited by the bad guys and it was absolutely critical that everyone patch immediately? It's because some unsung heroes practice the art of security intelligence.

Who are these security intelligentsia? They typically are either government agents working to crack a crime ring (notice that a warning on MS06-040 came from the Department of Homeland Security) or they work for a private enterprise and realize the need to track this information to make their products more relevant and keep them ahead of the curve. They spend their time trying to break into these cabals of bad guys, become a trusted part of their world and monitor the traffic. This way they figure out what these networks of bad guys are up to.

Let me provide more context. Information security professionals face an attack surface that spans every network, server, endpoint and application. Combine this with an effectively unlimited number of attack vectors, any of which can be used at any time to compromise a system.
