Dailydave mailing list archives
Re: FraudWorld vs. SpookWorld
From: Konrads Smelkovs <konrads () smelkovs com>
Date: Wed, 1 Apr 2015 09:13:29 +0100
I've seen tech companies who's developers and sysadmins have been trained (or beaten into a good posture) by pentesters as per industry trend only to be completely at loss when fraud hits. And if you follow the cyber advice and get a "BigData" "correlated event processing" and so on you still need a fraud team to build out your use cases and they will simply go "please-install-Silver-Tail-thank-you-very-much". -- Konrads Smelkovs Applied IT sorcery. On 31 March 2015 at 14:30, John Strand <john () blackhillsinfosec com> wrote:
Funny. No mention of compliance. It hit me about a week ago, fewer and fewer people are talking compliance. Fraud and Spook, are coming up a lot more. Are we growing - If just a little? John On Mon, Mar 30, 2015 at 5:24 PM, Anton Chuvakin <anton () chuvakin org> wrote:So far, I've shoved this most excellent post in quite a few faces .... and will shove in more :-) I often wonder whether those same people who equate infosec/"cyber" with fraud (and there are plenty, sadly - not on *this* enlightened list of course :-)) and thus want to "solve cyber", also want to "solve theft", "solve murder", "solve greed", etc, etc, etc. Ah, here goes one more: "... we don't need security, we don't handle credit card numbers here" .... On Sat, Mar 28, 2015 at 6:10 AM, Dave Aitel <dave () immunityinc com> wrote:So much of security is driven by "fraud" and coming from a spook background as many people on this list do, I find it annoying. RSA-the-conference-and-meme is one of those markets that just baffles a lot of people who come from the government space. How is any of that stuff possibly worth so much money? "Fraud" is partially the answer I think. Things that come from the fraud world are as alien to spook-world as a giant ant-eater is to North America. At some level defeating Fraud is about hygiene, more than security. It's about valuing information in fungible units defined by "Credit Cards" or "Users" and not by "importance". But climates can change and we are at the cusp of that change. If you look at how Google Wallet or ApplePay work, they have the major advantage in that they already know what you want to buy before you buy it, and they know where you are at all times, so fraud is going to get exponentially more difficult. It may, in fact, become impossible. Imagine if consumer Fraud went extinct? Is this harder to imagine than a world without woolly mammoths? Companies have learned this year from Sony Pictures that protecting yourself against nation-states is the difference between surviving and not surviving, and that doing so requires a completely different corporate design than they're used to. FraudWorld has been invaded by SpookWorld. Good times! :) Of course, I can't end without saying that if you want to see what the climate is going to look like, what the swamp creatures about to invade tend to eat, then you have to come down to the Everglades and see us at INFILTRATE. -dave _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave-- Dr. Anton Chuvakin Site: http://www.chuvakin.org Twitter: @anton_chuvakin <https://twitter.com/anton_chuvakin> Work: http://www.linkedin.com/in/chuvakin _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Re: FraudWorld vs. SpookWorld Dominique Brezinski (Apr 03)
- <Possible follow-ups>
- Re: FraudWorld vs. SpookWorld Konrads Smelkovs (Apr 03)