Are Security Pros Becoming Too Paranoid?

BryanHalfpap
Last updated: 2011/12/22 at 8:10 PM
Paranoia is good when it comes to cyber-security…or is it?


Are we making ourselves paranoid? Like many computer security professionals, I tend to closely follow technology and security news, even though it's often discouraging and depressing. It is routine to see articles disclosing general information about recent attacks and criminal successes (and sometimes criminal captures). I suppose that at this point it is fairly common to find “shocking” breaches of trust and security in major corporations or large, widely used or well-trusted systems. Even reports of malware infections in drone control centers were met with a certain “well, it was only a matter of time” feeling. This cynicism is common amongst those who work in the computer security field, both as reporters and as professionals in some capacity, from tier 1 support to penetration testing and CSOs. When you’re a cynic, you stop being surprised.

What has started to happen as blowback from all this bad security press and cynicism is a general feeling of paranoia. This paranoia, advocated by security pros to general users in order to cut down the rate of infection and lessen security risks, is starting to creep into the minds and actions of security personnel.

This is a major problem because overly paranoid security team members can cause major headaches by overreacting to abnormal conditions, as in Illinois with the water pump scare, or with the recent rumours of Iranian spy drone hacking. While computer security problems have plagued us for years, they aren’t always to blame when something unexpected happens. It’s important not to alienate users, customers, and the world at large by overreacting or acting before all the information is gathered.

It’s like the boy who cried wolf. If your security team jumps at nothing all the time, they will not be taken seriously when they need to be.

Implement a policy to fix announcements of false positives. A simple series of steps and confirmations should be enough to let you detect, learn about, and defeat intrusions.

  1. Verify with users or other policy that system behaviour is unexpected or unwanted.
  2. Gather information about activities on the system. Running programs, users, log information, communications to other systems, and outbound communications are important to know in order to profile the attack and determine the extent of the damage and action.
  3. Disable/disarm the attacker. Use knowledge gained from step 2 to block attackers when starting remediation/triage.
  4. Perform triage and remediation procedures on affected systems.
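
One way to carry out the information gathering in step 2, as an added example that is not part of the original article: a shell function that snapshots host identity, running programs, logged-in users, recent logins and network connections into a case directory with a SHA-256 manifest, so the evidence exists before anything is blocked or announced. It assumes a Linux host with coreutils; the function names, file layout and choice of tools are hypothetical.

```shell
#!/bin/sh
# Added example: evidence snapshot for step 2 (gather before you block or announce).
# Assumes Linux with coreutils; tool choices and file names are illustrative.

# run_if_present NAME DIR CMD [ARGS...]
# Save the command's output, or record that the tool is missing on this host.
run_if_present() {
    rip_name=$1; rip_dir=$2; shift 2
    if command -v "$1" >/dev/null 2>&1; then
        "$@" >"$rip_dir/$rip_name.txt" 2>&1 ||
            echo "exit status $?" >>"$rip_dir/$rip_name.txt"
    else
        echo "tool not available: $1" >"$rip_dir/$rip_name.txt"
    fi
}

# collect_evidence DIR: write one text file per data source, then hash them all.
collect_evidence() {
    outdir=$1
    mkdir -p "$outdir" || return 1
    chmod 700 "$outdir"                        # evidence may contain sensitive data
    date -u +%Y-%m-%dT%H:%M:%SZ >"$outdir/collected_at.txt"
    run_if_present host      "$outdir" uname -a
    run_if_present processes "$outdir" ps -eo pid,ppid,user,args
    run_if_present users     "$outdir" who -a
    run_if_present logins    "$outdir" last -n 50
    if command -v ss >/dev/null 2>&1; then     # inbound and outbound sockets
        run_if_present connections "$outdir" ss -tunap
    else
        run_if_present connections "$outdir" netstat -tunap
    fi
    # The manifest lets a later reviewer confirm the snapshot was not altered.
    ( cd "$outdir" && sha256sum -- *.txt >MANIFEST.sha256 )
}

# verify_evidence DIR: succeed only if every file still matches the manifest.
verify_evidence() {
    ( cd "$1" && sha256sum -c MANIFEST.sha256 >/dev/null 2>&1 )
}

# Stand-alone use: sh snapshot.sh collect /path/to/case-dir
if [ "${1:-}" = "collect" ]; then
    collect_evidence "${2:?output directory required}"
fi
```

Run it with enough privilege to see other users' processes and sockets, and copy the case directory off the host before starting step 3.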

You will need to determine for yourself when along that process a security disclosure needs to occur in order to remain compliant with standards and honest with users/customers.
