UK admins lack skills to spot hackers, says pentest expert

[InfoSec News <alerts () infosecnews org>]

http://www.computerworlduk.com/news/security/3296294/uk-admins-lack-skills-to-spot-hackers-says-pentest-expert/

By John E Dunn
Computerworld UK
10 August 11

Many UK admins lack the skills, resources and time necessary to keep 
firewalls secure from well-drilled hackers, one of the country’s loading 
penetration testing experts has claimed while launching a new defence 
training course.

The problems start with expert oversight of the firewall and Intrusion 
Detection System (IDS) logs, said former head of penetration testing at 
the Royal Air Airforce, Steve Armstrong, who will lead the new SANS 
course, 464 Hacker Detection for Systems Administrators.

Of the last 20 incidents his SANS team had been called to look at, 95 
percent showed clear evidence of trouble once the logs were studied with 
care.

“In many cases, it is often an admin who has a 'gut feeling' that calls 
us in but when we start digging, the full extent of the breach is 
normally far worse than initially suspected,” said Armstrong.

[...]

___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/