funsec mailing list archives
Re: Citizen cyber-protectors?
From: <michael.blanchard () emc com>
Date: Thu, 19 Jul 2012 11:45:06 -0400
Not even if I was wearing a pair of socks given to me from one of those beetle sellers :-) Michael P. Blanchard Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE Office of Information Security & Risk Management EMC ² Corporation 32 Coslin Drive Southboro, MA 01772 Office: (508)898-7102 Cell: (508)958-2780 email: Blanchard_Michael () EMC COM -----Original Message----- From: Drsolly [mailto:drsollyp () drsolly com] Sent: Thursday, July 19, 2012 11:43 AM To: Blanchard, Michael (InfoSec) Cc: kyle.creyts () gmail com; funsec () linuxbox org; rmslade () shaw ca Subject: RE: [funsec] Citizen cyber-protectors? What, even if loads of beetle-sellers told you how important it is? On Thu, 19 Jul 2012 michael.blanchard () emc com wrote:
I'm part of the .5%.... I could care less about collecting beetles.... Michael P. Blanchard Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE Office of Information Security & Risk Management EMC ² Corporation 32 Coslin Drive Southboro, MA 01772 From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Kyle Creyts Sent: Thursday, July 19, 2012 7:25 AM To: Drsolly Cc: funsec () linuxbox org; Rob, grandpa of Ryan, Trevor, Devon & Hannah; infosecbc () yahoogroups com Subject: Re: [funsec] Citizen cyber-protectors? I am part of the 1%. On Jul 19, 2012 2:31 AM, "Drsolly" <drsollyp () drsolly com<mailto:drsollyp () drsolly com>> wrote: If someone can't be bothered to write their thoughts down, and require me to spend 20 minutes to watch a video giving views that I could have read in one minute, then I'm not going to devote my time to listen to them. Since I haven't heard what he has to say, I cannot comment on his views. Except to point out that 99% of people are as interested in computer security as they are in beetle collecting. And anything that depends on them being more interested than that, or better informed, is doomed. On Wed, 18 Jul 2012, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:Marc Goodman (who I believe is https://twitter.com/FutureCrimes and http://www.futurecrimes.com/ ) gave a recent TED talk on trends in the use of high technology in crime: http://www.ted.com/talks/marc_goodman_a_vision_of_crimes_in_the_future.html The 20 minute talk is frightening, with very little in the way of comfort for the protection or security side. He ends with a call for crowdsourcing of protection. Now as a transparent society/open source/full disclosure kind of guy, I like the general idea. But, as someone who has been involved in education, security awareness, and professional security training for some time, I see a few problems. For crowdsourcing to work, you need a critical mass of at least minimally capable people. When you are talking about a weather reporting app, that minimal capability isn't much. When you are talking about detecting cyberwar or bioweapons, the capability levels are a bit different. Just yesterday the PNWER (Pacific NorthWest Economic Region http://www.pnwer.org/ ) conference became the latest to bemoan the lack of trained employees. I rather suspect these constant complaints, since I see lots of people out of work. But the people who are whining about employees are just looking for network admins and such. We need people with more depth and more breadth in their backgrounds. I get CISSP candidates in my seminars who are network admins who simply want to know a few ACLS for firewalls. I have to keep telling them that security professionals need to know more than that. Yes, I am privileged to be able to meet a number who *are* interested in learning everything possible in order to meet any need or problem. But, relatively speaking, those are few. And my sample set tends to be abnormal, in that these are people who have already shown some interest in training (even if only job related). What Goodman is talking about is the general public. And those of us who have actually tried security awareness know how little conceptual awareness we have to build on, let alone advanced technical knowledge. I think awareness, self-protection, and crowdsourcing is probably the only good way to approach the problems Goodman outlines. I just worry that we have a long way to go. http://blogs.securiteam.com/index.php/archives/1793 ====================== (quote inserted randomly by Pegasus Mailer) rslade () vcn bc ca<mailto:rslade () vcn bc ca> slade () victoria tc ca<mailto:slade () victoria tc ca> rslade () computercrime org<mailto:rslade () computercrime org> On Friday, January 23rd, 2004, in a speech at the World Economic Forum in Davos, Switzerland, Bill Gates stated `Two years from now, spam will be solved.' victoria.tc.ca/techrev/rms.htm<http://victoria.tc.ca/techrev/rms.htm> http://www.infosecbc.org/links http://blogs.securiteam.com/index.php/archives/author/p1/ http://twitter.com/rslade _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list._______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Citizen cyber-protectors? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 18)
- Re: Citizen cyber-protectors? Drsolly (Jul 19)
- Re: Citizen cyber-protectors? Kyle Creyts (Jul 19)
- Re: Citizen cyber-protectors? Drsolly (Jul 19)
- Re: Citizen cyber-protectors? Kyle Creyts (Jul 19)
- Re: Citizen cyber-protectors? Drsolly (Jul 19)
- Re: Citizen cyber-protectors? Kyle Creyts (Jul 19)
- Re: Citizen cyber-protectors? michael.blanchard (Jul 19)
- Re: Citizen cyber-protectors? Drsolly (Jul 19)
- Re: Citizen cyber-protectors? michael.blanchard (Jul 19)
- Re: Citizen cyber-protectors? valdis . kletnieks (Jul 19)
- Re: Citizen cyber-protectors? Drsolly (Jul 19)
- Re: Citizen cyber-protectors? Drsolly (Jul 19)
- Re: Citizen cyber-protectors? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 19)
- Re: Citizen cyber-protectors? Kyle Creyts (Jul 19)