The other day, the president of RSA, made the comments that he believes security has failed. He goes on to admonish defense-in-depth strategies as not keeping up with the need.
I’ve been thinking about what Amit Yoran has said and I’d like to say I disagree with his comments and belief.
It’s been awhile longer than I like to admit for posting. I suspect I’ve been befallen like many others…staying up late night to watch the Olympics. I’ve enjoyed them more this year for some reason than in years past. Maybe I have a greater appreciation for the amount of work it takes these athletes to prepare for competition. And it’s heart breaking when they make a mistake and know it. They continue on even when they recognize their dream of medals is over.
Simplicity in security is something that doesn’t happen very often. I’ve been in this career field for quite some time through the military and commercial sectors. I even try to practice what I preach at home. Throughout these years one thing has become clear to me. Information security is over complicated.
I found this article on darkReading today. I just shake my head when I read about these kinds of things. Basically, a school in Pennsylvania had another data breach from a student at a life experienced age of 15. He thought it would be fun to sneak into the network and steal 55,000 PII information.
The interesting points in the story, as reported, are this: