Managed Security Providers

As I wrote in a recent posting, even for large intranet operators it is too difficult to properly protect their network.

Many firewall admins are actually belonging to the biological species called "Bradypus variegatus". They manage to wear T-shirts and old jeans, but you can spot them from their long beard and bad smell.

It is time to get real pros monitoring the firewall and other critical points in an intranet. Bruce Schneier made a lot of money with Managed Security Services and for good reason. It does not make economic sense to replicate these highly specialised skills in thousands of instances, when the best expertise should be concentrated at one point. Also, the knowledge gained by monitoring breakin and exfiltration attempts should definitely be collected at a central point.

@jlocke

Most companies cant protect their network properly because some over confident phb who doesnt actually know anything ignores the firewall admin whos telling everyone why something shouldn't be done, because he has is wearing a teeshirt and old jeans.

Attitudes like yours are not professional and wearing a suit and grooming yourself for management presentations doesnt make you any more skilled at the actual job, they are hower snobbish and you can outsource to the cloud, at which point your probably going to get p0wned because some crappy offshored SAAS hasn't got any better security than the one your replacing it with and you probably share that "security" appliance as a vm on a machine running about 40 different "security" instances, maybe some carders, who knows. The point is you wont.

Good security begins at home and you can only trust what you explicitly allow to happen on your own kit.

Ever the defensive game..

Protecting against attack is always the defensive game. You have to win every time, they only have to win once.

It's a great truism that the best form of defense is attack; however, in this arena, it needs specialist knowledge, and strong interfaces to the active part of law enforcement to actually mount an offensive.

The average corporate/organisation doesn't have the time, or the contacts to do this effectively, so we need a group, such as the ones investigating and co-ordinating the investigation and bust in the article to act as the 'digital army' protecting us from the electronic barbarian hordes. Every corporation is the equivalent of a villiage with wooden pallisades and a local militia (at best). We need a more highly trained, specialised and funded group to protect the greater scope.

Oooh nice...

a botnet called "butterfly". Isn't that pretty?

It's time to get serious about punishment

If these botnet operators get any jail time at all in our enlightened society, it will likely be about 3 years. Let's try something serious: 1 day for each computer infected. Quite reasonable, and will tuck them away for over 30,000 years.

I think the bigger point is

They got caught. Unless botnet creators operate from countries where law enforcement is lax, or where they have ties to the government, they still have a high chance of getting caught.

I count that as good news.

whose internet names and ages ...

I have several internet names, one of which you see here, but I had never thought of having internet *ages* too!