Mar 27 2007
By Ira Winkler
I was finishing up my latest book, Zen and the Art of Information Security, and I was thinking about what was the most important component of a security program. The one thing that I kept coming back to is that an organization that the most secure organizations were those that ignored the source of the problems and focused on addressing the problems.
After all, it doesn’t matter who is at fault for your problems, it matters how you handle them. You have to look beyond who may attack you. This doesn’t justify them attacking you, but it does mean that you need to proactively protect yourself and acknowledge that you have to do what you can to protect yourself. Just about every computer attack people and organizations experience could have been prevented. You can’t blame attackers or your software, when you could have proactively prevented the attacks. Other entities may be the source of the attack, but again, it is irrelevant.
Look at the analogy of a burning building. If you are inside a burning building, are you going to stand there and blame the person who smokes that caused the fire? Are you going to get out of the building as fast as you can, or are you going to stand there and wait for the fire department to come and rescue you, because it is their job?
Again, you might not be at fault and other people have a duty to assist you. Does that however mean that you are not going to proactively save yourself? Computers are the same way, but sadly people like to stand around and waste their time pointing fingers while not taking action.
Related posts:
Posted by Ira.Winkler on Tuesday, March 27th, 2007, at 1:06 am, and filed under Articles.
Follow any responses to this entry with the RSS 2.0 feed.
You can post a comment, or trackback from your site.
admin | 27-Mar-07 at 1:19 am | Permalink
The problem is when attacks don’t fit into the nicely “preventable if you are savvy and willing to potentially annoy users” category. 0-day exploits, or vendors who ship software that is seriously broken (back in the day Netscape’s email server couldn’t restrict who relayed email through it, spammers had a field day). In any event it is important to find out what failed and how it failed (a.k.a. blame sometimes) so that you can properly prevent it. Just running out of burning buildings is not going to result in stronger building codes and fire codes.