By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData CollectiveSmartData CollectiveSmartData Collective
  • Analytics
    AnalyticsShow More
    data-driven white label SEO
    Does Data Mining Really Help with White Label SEO?
    7 Min Read
    marketing analytics for hardware vendors
    IT Hardware Startups Turn to Data Analytics for Market Research
    9 Min Read
    big data and digital signage
    The Power of Big Data and Analytics in Digital Signage
    5 Min Read
    data analytics investing
    Data Analytics Boosts ROI of Investment Trusts
    9 Min Read
    football data collection and analytics
    Unleashing Victory: How Data Collection Is Revolutionizing Football Performance Analysis!
    4 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-23 SmartData Collective. All Rights Reserved.
Reading: Are Security Pros Becoming Too Paranoid?
Share
Notification Show More
Aa
SmartData CollectiveSmartData Collective
Aa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > IT > Security > Are Security Pros Becoming Too Paranoid?
Security

Are Security Pros Becoming Too Paranoid?

BryanHalfpap
Last updated: 2011/12/22 at 8:10 PM
BryanHalfpap
3 Min Read
SHARE
Paranoia is good when it comes to cyber-security…or is it?

Are we making ourselves paranoid?

Paranoia is good when it comes to cyber-security…or is it?

Are we making ourselves paranoid? Like many computer security professionals, I tend to closely follow technology and security news, even though its often discouraging and depressing.  It is routine to see articles disclosing general information about recent attacks and criminal successes (and sometimes criminal captures).  I suppose that at this point it is fairly common to find “shocking” breaches of trust and security in major corporations or large, widely-used or well-trusted systems.  Even reports of malware infections in drone control centers was met with a certain “well it was only a matter of time” feeling. This cynicism is common amongst those who work in the computer security field, both as reporters and as professionals in some capacity from tier 1 support to penetration testing and CSO’s.  When you’re a cynic, you stop being surprised.

What has started to happen as a blowback from all this security bad press and cynisism is a general feeling of paranoia.  This paranoia, advocated by security pros to general users in order to cut down the rate of infection of users and lessen security risks, is starting to creep into the minds and actions of security personnel.

This is a major problem because overly-paranoid security team members can cause major headaches with overreactions to abnormal conditions.  Like in Illinois with the water pump scare, or with the recent rumours of Iranian spy drone hacking.  While computer security problems have plagued us for years, they aren’t always to blame when something unexpected happens.  It’s important not to alienate users, customers, and the world at large by overreacting or acting before all the information is gathered.

More Read

Reducing False Positives in Customer Screening

It’s like the boy who cried wolf.  If your security team jumps at nothing all the time, they will not be taken seriously when they need to.

Implement policy to fix announcements of false positives.  A simple series of steps and confirmations should be enough to let you detect, learn about, and defeat intrusions.

  1. Verify with users or other policy that system behaviour is unexpected or unwanted.
  1. Gather information about activities on system.  Running programs, users, log information, communications to other systems, and outbound communications are important to know in order to profile the attack and determine the extent of the damage and action.
  1. Disable/disarm attacker.  Use knowledge gained from step 2 to block attackers when starting remediation/triage.
  1. Perform triage and remediation procedures on affected systems.

You will need to determine for yourself when along that process a security disclosure needs to occur in order to remain compliant with standards and honest with users/customers.

TAGGED: false positives
BryanHalfpap December 22, 2011
Share This Article
Facebook Twitter Pinterest LinkedIn
Share

Follow us on Facebook

Latest News

sobm for ai-driven cybersecurity
Software Bill of Materials is Crucial for AI-Driven Cybersecurity
Security
IT budgeting for data-driven companies
IT Budgeting Practices for Data-Driven Companies
IT
machine,translation
Translating Artificial Intelligence: Learning to Speak Global Languages
Artificial Intelligence
data science upskilling
Upskilling for Emerging Industries Affected by Data Science
Big Data

Stay Connected

1.2k Followers Like
33.7k Followers Follow
222 Followers Pin

You Might also Like

Reducing False Positives in Customer Screening

4 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

ai in ecommerce
Artificial Intelligence for eCommerce: A Closer Look
Artificial Intelligence
AI and chatbots
Chatbots and SEO: How Can Chatbots Improve Your SEO Ranking?
Artificial Intelligence Chatbots Exclusive

Quick Link

  • About
  • Contact
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
Go to mobile version
Welcome Back!

Sign in to your account

Lost your password?