SoylentNews is people
SoylentNews
Society is operating under the illusion that governments and corporations are taking rational choices about computer security, but the fact of the matter is that we're drowning under a sea of false positive, bad management, and a false belief in the power of technology to save us.
"The government is very reactive," said Jason Truppi, director of endpoint detection and response at security firm Tanium and a former FBI investigator. "Over time we've learned it wasn't working - just being reactive, not proactive."
Truppi said we need to puncture the belief that government and industry are working together to solve online threats. In reality, he says, the commercial sector and government are working to very different agendas and the result is a hopeless mishmash of confusing loyalties.
On threat intelligence sharing, for example, the government encourages business to share news of vulnerabilities. But the subsequent investigations can be wide-ranging and lead to business' people being charged for unrelated matters. A result companies are increasingly unwilling to share data if it exposes them to wider risks.
The fact of the matter is that companies don't get their own infosec problems and don't care that much. Truppi, who has now moved to the commercial sector, said that companies are still trying to hire good network security people, but bog them down in useless false alerts and management panics.
-- submitted from IRC
(Score: 5, Interesting) by mcgrew on Wednesday February 15 2017, @05:46PM
I can't agree. Industry is the biggest problem. If the government has hacked me, they've left no trace that I can find and have done me no harm. On the other hand, Sony hacked me and thousands of others with their XCP vandalware. Purina killed my grandfather when I was seven because they were too cheap to put doors on the elevators. Now we have OSHA to prevent horrors like that. When I was a kid, you had to roll the windows up in hundred degree weather (before cars were air conditioned) driving past Monsanto in Sauget because the air would burn your lungs. Government forced them to clean it up.
If you think government is the problem, YOU are likely the real problem ("Damn government made me install safety rails and pollution controls! They're EVULL!!!"). Going along with the anti-government rich bastards makes the problem worse. Either grow up or wake up.
mcgrewbooks.com mcgrew.info nooze.org
(Score: 2) by Nerdfest on Wednesday February 15 2017, @07:43PM
Doping good things in one area, and at one time does not preclude doing bad things in another area or at another time. With all of the information they've scooped up on you, you need to keep in mind you haven't had any problems *yet. You may have nothing to hide now, but what they consider subversive will likely change.
(Score: 1, Funny) by Anonymous Coward on Wednesday February 15 2017, @08:09PM
Be nice to mcgrew. He's just saying those thing because they forced him to.
I hope they won't get us all.
(Score: 3, Insightful) by Anonymous Coward on Wednesday February 15 2017, @11:41PM
If the government has hacked me, they've left no trace that I can find and have done me no harm.
So it's all about you, is it? No. Government surveillance threatens all of democracy. [gnu.org] Maybe you're not a whistleblower, a journalist, an activist, a lawyer, someone's political opponent, etc., but other people are, and it's crucial to democracy that we not let the government destroy them. You need to get out of this mindset that it doesn't matter if you're not the one who was harmed by government surveillance.
(Score: 0) by Anonymous Coward on Thursday February 16 2017, @03:19AM
Kinda coincidental there's a story of how North Korea handles its politics.
Right now, this isn't our way of doing it... but it sure looks that's the way we are headed with this incessant monitoring of everyone.
Our way of doing it does not involve physical violence or poison... rather it involves "criminal records" and economics, and the ability of government to confiscate one's property and time. All of which require a substantial information infrastructure to implement.
Whereas the North Korean way only needs the physical muscle most citizens possess.
All this tells me is that the elite who run this country know the populace is getting really pissed off, and they are trying to stave off the French method of asset reallocation as long as they can.