19 October, 2006

The other shoe - Where are the worms

For the better part of 4 years the information security world has been waiting for the other shoe to drop. The FUD is still out there. People have pontificated at length about why it hasn't , whether perhaps it has and many haven't noticed, and when it will. Realistically the negative prognostication have been accurate. The monthly virus count keeps rising in a more or less accelerating rate, Last month was the greatest month yet for vulnerabilities, and no one bothers to even watch their internet facing logs anymore. When many of us scan our environments or see other items out there we worry and wonder why things are not worse.

So why is there so little obvious pain?

Some of the arguments are that the virus writers have gone pro. There is certainly some evidence for that but it cannot account for everything.

A few organizations have made spectacular efforts at protecting their environments but we all know that that is the exception not the norm.

So why are we so lucky? (are we?)

I think that we have been good at layering our defenses either intentionally or unintentionally.

I've been talking about layering in addition to defense in depth for quite some time.

Both from a process

and technical perspective.

If we start doing it from a more methodical perspective then we can caplitalize on it to save some money.

No comments: