BreachExchange mailing list archives
IT security staff have a job for life – possibly a grim, frustrating life
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 5 Aug 2015 19:40:56 -0600
http://www.theregister.co.uk/2015/08/05/it_security_jobs_grim_in_future/

Speaking at the opening of the 18th Black Hat security conference, its founder Jeff Moss warned the assembled throng that while they might have job security, they weren't going to have fun in the next decade.

"We are all employed for life," Moss said. "It's interesting, I see problems and challenges and on one hand am really excited, but on the other I just want to sleep."

The decisions made over the next five years will affect the use of technology for the next 30 years, and so far the signs aren't good, Moss said. What's coming is a mix of old problems revisited and new ones coming down the line.

For example, the crypto wars are back, he said, and a new generation of politicians and law enforcement officials are demanding backdoor access to cryptographic software, just as they did in the 1990s. It's up to techies to show them why this is a bad idea, Moss said.

A new problem is the rise of cyber insurance – in 10 years between a quarter and a third of IT security budgets are going to be taken up paying insurance against intrusion and not defending the network. Getting a payout when your system goes down is nice, but you can't run a business like that, Moss warned.

Software companies are also going to have to step up and take responsibility for their products, Moss warned. Without some kind of liability, the industry will still be in the same mess it is now in 20 years' time.

"Boeing and Airbus are basically managing flying data centers and they operate under liability," Moss said. "An Oracle data center has no liability and that's not going to last – companies want a level playing field."

Software liability need not be punitive, but there must be some way to get companies to take responsibility for their flaws, Moss argued. Without that, nothing in the industry will change.

Change was a constant theme of Moss' talk. He pointed out that when he started out in the hacking field, software piracy was legal, as was tinkering with hardware. Both are now illegal – and in the UK, mandatory minimum sentences for piracy are now being proposed.

This is the biggest Black Hat yet, Moss said, and it was up to every attendee to go out and advocate for change. Hacking is fun, but unless those who do it step up to the plate, he warned, things could get very grim for the next generation.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/