Access your Pro+ Content below.
Marcus Ranum: Systems administration is in the 'crosshairs'
This article is part of the Information Security issue of December 2018, Vol. 20, No. 6
I've been writing this column, originally as a debate with Bruce Schneier, since April 2006 -- so 12 years. In that time, I've enjoyed the opportunity to air some of my favorite themes in computer security -- sometimes subtly, other times less so. It's time to stop; I'm starting to repeat myself, and my view of the trajectory of security has been getting more jaundiced. So, I'd like to thank you all and move on to other things. From where I sit, I see security as a side effect of poor development and systems administration. On the theoretical front, we've got to worry about sophisticated subversion attacks launched against us by our own governments. In practice, though, our problems stem from the fact that developers are sloppy and the environments in which software is developed favor speedy rollout of features over reliability. If that weren't bad enough, management has systems administration costs in the crosshairs for cost-cutting. Systems administration is a problem that has not been solved; virtualization and deployment ...
Features in this issue
Tired of waiting for signs of an attack, companies are increasingly adding threat hunting capabilities to their playbooks to find likely ways their systems could be infiltrated.
The frequency of endpoint attacks is on the rise, with 76% of IT security professionals reporting that their organization was compromised by new or zero-day (unknown) exploits.
Security professionals are using identity and access management systems to track metrics on password resets, onboarding and offboarding, and employee retention and customer service.
News in this issue
Threat hunting hinges on an analyst's ability to create hypotheses and to look for indicators of compromise in your network. Do you have the resources to hunt?
Columns in this issue
"We have invested a billion dollars over the last couple of years just in security," says Ron Green, Mastercard's chief of security, who joined the company in 2014.
After years of spirited debates and top-notch interviews, columnist Marcus Ranum is signing (sounding?) off with some final thoughts on the future of security.