funsec mailing list archives

RE: Re: The AV.


From: "Young, Keith" <Keith.Young () montgomerycountymd gov>
Date: Mon, 20 Mar 2006 15:22:25 -0500


We live in a capitalist society. If you can make an AV that's ten times
better than existing products, and ten times cheaper, then I really cannot
imagine why you haven't done so.

The reason why it hasn't happened, is *not* because the AV companies don't
want to. It's because they don't know how to - and neither do I.

No, it is because solving the issue cannot be done by any type of
anti-virus or IPS product.

Sometime in the past 15 years, everyone in the security industry has
gotten lazy. Instead of defining how our data is accessed/moves across
our network (baseline), and then restricting only what is necessary to
do our jobs (default deny), we are trying to throw a bunch of
technologies such as IPS/data classification/AV/etc software (default
permit) as an easy way to "secure" our networks. 

Dr. Solomon, as you have stated before, we will only change to Grannyx
when [the cost of security incidents plus the cost of the default permit
technologies] is greater than [the cost of baselining then implementing
default deny]. Until that happens, we will all be fighting a losing
battle.

PS. For those wanting a good read, check this out:
<http://www.ranum.com/security/computer_security/editorials/dumb/index.html>

--Keith

Keith Young, Security Official
Department of Technology Services
Montgomery County, Maryland
phone - (240) 777-2955

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

