Reply to post: Re: Oh dear. Same old tricks still working.

Chinese gang shoots down aerospace security with MSFT flaws

An0n C0w4rd

Re: Oh dear. Same old tricks still working.

CIO is probably not the problem. The CIO on their own is likely not sufficient to enact change as they still need to rely on budget approvals from other people. The CEO and the entire board of directors (including the chairman) need to be liable. Only then will START to change.

I am starting to think that people that say antivirus/antimalware/IDS and IPS are the wrong solution are correct. Antivirus/antimailware only work once the signature of an attack is known. Most IDS and IPS are set up the same way, look for known attack traffic and then respond.

No, you need to set up your systems to allow known legitimate traffic/files/applications and block everything else (i.e. whitelist good stuff, not blacklist known bad stuff). Only then will security start becoming effective.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019