If you are in my profession you likely measure your success by the white smoke.
Yeah, the chemtrails, the metaphoric condensation trail you leave behind if the business you are ethically hacking has not done their due diligence. We break things with an eye to a cure for the breaches.
So… here are a few security thoughts as we close out a rather cataclysmic 2014 with regard to security breaches.
I am not an alarmist, but this year has proved that IT security is very important and deficient at the same time. If you are an IT manager, talk to your director. If you are a director, talk to your VP. If you are a VP, talk to your boss. If you are the chief, talk to your BOD.
Money needs to be invested in security. Yeah, there is a chance that you do not store sensitive data anymore. No more CCNs, no more PII? But what issues do you still face?
– Ridicule on the part of your competition.
– Denial of service.
– Scathing blogs, tweets, etc., that will stick out there forever. Why? Welcome to http://archive.org/web/.
– Loss of revenue from the above.
– Much, much more. Think about it.
There are great companies out there that can help you shore up your security. Many are on the East Coast of The United States for some reason. Reach out to them. Ask me for a recommendation. I’d be more than happy to point you in the right direction.
Why did I call this article “This Is What Winning Looks Like”? Because in 2015 if you play your cards correctly you’ll stay off the IT security radar. You will maintain your reputation. You will maintain your security. You will not be mentioned in the news. This is what winning looks like from a technology perspective.
In this day and age… you need to be concerned about this. Bottom line.
See yourself as something greater than a pathetic, undertrained bank. Do not be BOA. Target. TJX. A government agency. You name it. They should have been looking in their rearview mirror from the start but they did not. You can be better than this.
I see a shift taking place in the cyber-terrorism, corporate espionage world. SQL injection is going to fall off the top 10 list eventually. What is going to start sticking is social engineering, con-games, confidence schemes. DoS and more blatant attacks that are more malicious in nature and meant to cause downtime and loss of revenue.
Why can I say this?
…who would have thought that an entire country could be taken offline.
Jock Pereira | jockpereira.com | firstname.lastname@example.org | 978-666-4000