Dailydave mailing list archives
Re: Drinking the Cool-aid
From: dan () geer org
Date: Thu, 20 Mar 2014 12:18:05 -0400
| Networks are often the result of successive technological layers. As
| organizations take on new business, face new threats, reconsider
| security notions (e.g., insider/outsider), or embrace "new" security
| paradigms, more security products get deployed, adding complexity and
| increasing the attack surface.
|
| The picture that emerges resembles one big security contraption. It is
| hard to tell to what extent it will work as intended.

The question to ask your favorite CISO/CIO/General Counsel is

    Have you or would you ever decommission a security product?

With the Index of Cyber Security (which I run with a colleague), in September, 2012, we asked a form of this question:

    What percentage of the security products you are running now would you still run if you were starting from scratch?

      0-20%     5% of respondents
     21-40%    15% of respondents
     41-60%    20% of respondents
     61-80%    27% of respondents
    81-100%    34% of respondents

Clearly, there are many who seem to be happy with what they have, and yet there is a significant number that thinks they could do better. One in five respondents reported that they would keep less than 40% of their current security products.

Averaging the results, as many as 1 in 2 products at the higher end of the range, or 1 in 4 products at the lower end (25.4% to 45.6%) would be discarded if starting from scratch were to be an option. The mid-point of these high and low ranges was 35.5%, or roughly 1 in 3, which was interestingly high.

Part of the explanation here is surely that no CISO/CIO/GC wants to stand up in a Management Committee meeting and say "Our investment in the PushMePullMe Scanner has proved to be a total loss; we need $X,000,000 to decommission it and buy the tIPSy-nIPSy system instead." No, it will be to *add* tIPSy-nIPSy to the environment and leave the PushMePullMe Scanner up and running.
--dan