Irony of Network Security

Written by: Francesco Trama | Published on: October 5th, 2017

About The Author

Francesco Trama
As Chief Executive Officer and Founder, Francesco is responsible for the overall operating performance, leading the strategic direction of the company’s products and solutions internally while building technical and business credibility externally as a market-facing thought leader.

As I read through articles on the latest security threats, breaches, door opening exploits, and vulnerabilities that left doors opened. I Ironically see a firewall ad next to the security article saying ‘The Complete Firewall Solution, Get Total Visibility Into Your Security”. The article in Reuters explained how many security systems found they were susceptible to “HeartBleed”.

I kept thinking about how many people read the article, then said “I need a new firewall”, and clicked the ad. I understand the web marketers could have thought it through better, and it was automated, but it was clearly ironic and silly at the same time.

The article telling you most security devices are flawed, then an ad telling you to buy one. It’s like watching a weatherman say there’s no rain in the forecast, while he’s standing in the rain.

The point of this article is not to bash #firewalls, #marketers, or #Reuters by no means. It happens!, We’re only human!, We’re doing the best we can, with what we have!. I get that.

The main point I’m trying to convey is I hope everyone realizes there’s no security device that can definitively tell you what the future attack, virus, malware, or vulnerability will look like. Some make better guesses, but ultimately it’s still a guess, hunch, or software intuition.

I believe the term used for guessing in detection systems is “anomaly”.

The unfortunate truth, and speaking in the network security terms only, is we’re good at learning from our mistakes in the past, “most of the time”. Unfortunately there are just too many options, variables, and possibilities that attackers have at their disposal for us to predict their future.

We are getting better at identification, and there are products such as PacketVIper that limit the attackers path, their global options, capabilities, proxy anonymity, and help ease the chaos. It still comes down to the boots on the ground (security professionals), and detection systems to identify them first. Sadly, it could take up to a day, week, month, and even a year before we understand the threat.

So layer up #security. Stay patched (FYI: Patches could expose new holes), and Vigilant. Don’t become jaded because you’re one fat finger, patch, bad password, or application install from a security melt down.

Most of all, one product will never get you all the way, and If you think you have enough, think again!