Today I have a guest commentary in Threatpost on how the security landscape has changed since 2001.

So as I look back over the last 10 years, I don't see much of a change in the vulnerability landscape, if you will, but I do see a change in the threat landscape. New classes of attackers have gone mainstream and global. They are sophisticated and effective. But our defenses have barely gotten better. There has been an incremental approach to defenses: deeper packet inspection, more heuristic anti-malware, more auto-update patching, but it hasn't been able to keep up. I hope that over the next 10 years there are some radical changes in how we perform security, or the problem will get dramatically worse. The criminals, spies, and hacktivists are here to stay unless we stop them.

It sounds a bit pessimistic, but I mean it as a wakeup call. The current trend of reactive security, where we detect more things ever faster and share signatures ever wider, will not solve our problems. Attackers will counter by being more targeted and changing attack signatures more quickly. They are operating inside the reactive defender's OODA loop and are not going to give up this advantage unless we change the model on them.

I am not advocating eliminating reactive security. Detection and sharing are important. We need smoke detectors and fire departments. But just as those fire safety capabilities alone don't give us safe living and working environments, IDS in its various forms will not give us safe computer networks. We need to add building codes on top of reaction. We need to use the computer analogs of "fireproof materials" and adopt less risky behaviors with flammable materials. This means building the software that makes up our infrastructure more securely and having public standards to test that it really is more secure. It is a harder problem than inspecting buildings, but we have to solve it or the attackers will always be able to burn us down.


About Chris Wysopal

Chris Wysopal, co-founder and CTO of Veracode, is recognized as an expert and a well-known speaker in the information security field. He has given keynotes at computer security events and has testified on Capitol Hill on the subjects of government computer security and how vulnerabilities are discovered in software. His opinions on Internet security are highly sought after and most major print and media outlets have featured stories on Mr. Wysopal and his work. At Veracode, Mr. Wysopal is responsible for the security analysis capabilities of Veracode technology.
