Thoughts on Infosec
In this post I deviate a bit from routine unified communications ideas to share some thoughts on information security. I've been engaged in a fairly intense three days of infosec work, as I often am. No communications tech in here, but the infosec thoughts may be useful to some of you.
This flight is a bit of a mixed bag. Seatwise, I'm stuck in the back of the plane in a window seat. I generally hate window seats and opt for the aisle. I'm too large to be really comfortable in the confines of a coach seat and the aisle affords an easy opportunity to get up and move more often. I hate disturbing others in the row.
I have an epileptic child behind me. I know this because it's the only possible reason she could have for launching into screaming fits of kicking my seat back. Ok, that just feels tacky and unfair given that I have friends with epilepsy. She's an ill-mannered brat, and her parents are twits. Stuffing dad in the overhead may become a viable option as the flight progresses.
I wanted to capture some notes, thoughts and observations to share given my past three days with some pretty incredible speakers in the world of homeland security, law enforcement and information security. These are probably disjointed and are certainly in no order or priority. They're here in part to jog my memory to write something more substantial about each thought later. So if there's a thought or point here that intrigues you, leave a comment so I know what areas are of interest.
First, there's the Nokia N800 I'm writing this on. Phenomenal piece of workmanship. I can't help but write more about that ahead. I'll be contacting the company I wrote about that does the turnkey security assessment model. I hate to confess I'm considering buying one at $3600. I'm probably more focused on getting some of the existing Linux tools running under Maemo on this one.
When it comes to successful cyber security, information sharing is the root key to success. You cannot be an island unto yourself and succeed. That's a guaranteed path to failure.
In information security we succeed because
- We are not intimidated.
- We don't get overwhelmed.
- We have the passion to take on the load. Infosec professionals do the heavy lifting every day of our lives.
"Fast flux hosting" is the art of constantly changing the DNS and IP address entries for a system. The bad guys are getting really good at it.
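From the defender's side, that constant churn is itself the signal. The sketch below is an added example, not part of the original post: it scans constructed passive-DNS observations and flags domains whose answers rotate across many addresses and networks with short TTLs. The sample records, the thresholds and the function names are all assumptions chosen for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address

# Constructed passive-DNS observations: (unix_time, domain, A-record IP, TTL seconds).
OBSERVATIONS = [
    (0,    "shop.example.test", "192.0.2.10", 3600),
    (1800, "shop.example.test", "192.0.2.10", 3600),
    (3600, "shop.example.test", "192.0.2.11", 3600),
    (0,    "flux.example.test", "198.51.100.7", 120),
    (300,  "flux.example.test", "203.0.113.44", 120),
    (600,  "flux.example.test", "192.0.2.200", 120),
    (900,  "flux.example.test", "198.18.5.9", 180),
    (1200, "flux.example.test", "100.64.12.3", 120),
    (1500, "flux.example.test", "198.51.100.90", 120),
]

# Assumed thresholds for illustration; tune them against your own resolver logs.
MIN_DISTINCT_IPS = 5
MIN_DISTINCT_NETS = 4
MAX_MEDIAN_TTL = 300
WINDOW_SECONDS = 3600


def network_key(ip):
    """Coarse network bucket: the first two octets (/16) of an IPv4 address."""
    return int(ip_address(ip)) >> 16


def flux_suspects(observations, now):
    """Return {domain: stats} for domains whose answers churn like fast flux."""
    per_domain = defaultdict(list)
    for ts, domain, ip, ttl in observations:
        if now - WINDOW_SECONDS <= ts <= now:
            per_domain[domain].append((ip, ttl))
    suspects = {}
    for domain, rows in per_domain.items():
        ips = {ip for ip, _ in rows}
        nets = {network_key(ip) for ip in ips}
        ttls = sorted(ttl for _, ttl in rows)
        median_ttl = ttls[len(ttls) // 2]
        if (len(ips) >= MIN_DISTINCT_IPS and len(nets) >= MIN_DISTINCT_NETS
                and median_ttl <= MAX_MEDIAN_TTL):
            suspects[domain] = {"ips": len(ips), "nets": len(nets),
                                "median_ttl": median_ttl}
    return suspects


if __name__ == "__main__":
    for domain, stats in flux_suspects(OBSERVATIONS, now=3600).items():
        print(domain, stats)
```

Content delivery networks and round-robin pools can also return many addresses with short TTLs, so a hit here is a triage signal to investigate rather than a verdict.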
Data theft is RAMPANT. Over 150 million records were breached *that we know of* already this year.
Thumb drives may be the biggest threat. They're so cheap they're disposable. We don't know what is on them. But they aren't alone. An iPod is a huge storage device that could carry off massive amounts of sensitive data.
The relationship discussions when it comes to infosec remind me of the movie Zorro. Know your circle. The more extreme the incident, the closer to you your circle of trusted colleagues is likely to be. We all fall back to our individual trusted social network in a pinch. If you don't already know your circle, get busy and find your circle.
In the enterprise, we got hooked on cheap, fast and easy IT. Now we're paying the price for our addiction. The IT vendor community hooked us on cheap IT crack and now we're fighting to survive. There are only two businesses where the customers are called users for a reason. Addictive behavior is a tough cycle to break.
Our old models of security do not work.
warn -> detect -> defend -> mitigate
That was our old model, built on the defense of the castle mindset. It no longer works. The castle isn't in one place, doesn't have one single perimeter and isn't physical.
We need to take on the holistic medicine and managed healthcare approach.
hygiene -> triage -> viruses -> pandemic
We need to teach every user of the Internet to "wash their hands" and take care of the basic simple health needs. If we do that, we can manage the triage we have to do and reduce the virus infections that hurt us all. If a pandemic breaks out, the situation is probably every bit as bleak as we can imagine. We need a more holistic view, better health care and constant planning/preparation.
China pretty much worries about the same things we do, with some slight variations. Their biggest fear is net addiction. Is that because they see what it's done to the rest of us?
The worst DoS attacks lie ahead. They'll be against the infrastructure that runs the Internet. Look for DNS and certificate authorities to be hot spots.
We truly do not understand our dependence on Internet technologies. We are all dependent on the stupidest user of the Internet.
Only one quote here. This is all from my own chicken scratching as thoughts were flying through my head. But here's a quote from a CIA analyst. Very senior. Very frightening. "Thumb drives are a spy's best friend."
You might think that you take all the right steps to be safe, but you don't. WiFi is a danger zone. Free hotspots come at a huge price. Even your cell phone carries your entire social network.
Cyber crime is a mature, pervasive "evil service economy" that leverages cyber space for profit. Follow the money. Always follow the money. It is not about script kiddies and vandals any more.
The idea of signature based malware detection is laughable at best today. Targeted polymorphic malware has shown that signature detection does not work. Signatures rely on the law of large numbers, which is out of play in any focused attack.
Assume that there will be a very bad day. Assume that I won't be here. Assume your infosec regulars won't be there. There will be no warning. Every time you think you have it beat and come back up, it will take you back down. Do you have a plan?
A piece of advice. Don't let duct tape become a permanent part of the infrastructure.
You know, I have a whole lot more. Pages, ideas, notes, scratches of inspiration. I'll never be able to make use of it all. But those were a few important points I thought I'd share on the flight home via the N800. Share with myself, and with you, in this rambling visible thought-space.
I have a couple hours of flight time yet, but other things to write and a nap to take.