The Free Spirit
Being a free spirit in the interesting, evolving world of cyber/information security (or is that insecurity?) I am privileged to work with some very interesting organisations, and the year 2011 has proven to be one of the best. The great thing about working with the experts, and visionaries of the niche players, and the industry big wheels, is that one can gain a keyhole insight into the future of the industry, whilst at the same time, arriving at personal observations and opinion. From this month’s engagements, three things jump off the page, and in order of importance, they are listed below.
The Boardroom: The first, most important and progressive change in the security landscape is the executive’s perception of cyber security. Granted, for a number of years, there has been an assertion that security has been a boardroom topic, but I am afraid I, along with many others, have had doubts as to what this suggested interest really amounted to in the mind of business leaders. But wait, from what I am hearing, and seeing, those occupying that polished top office are now starting to focus with serious intent and interest on this opportunity of proven risk. Possibly this pinnacle of focus has been driven out of the imposition of press security education & awareness derived out of the success of criminal malevolence. Nevertheless, let us be thankful that the reflection on this topic is now much higher up on the executive agenda – so we have a very positive move in the right direction.
The Cloud & Forensics: Fact is, all of those predictions that Cloud simply would not catch on seem to have gone silent, and interest in this out-of-perimeter operational estate is increasing with enthusiasm – but the fact of the matter is, just as bad things can happen in-house, the same bad things can manifest in that remote cloud! The problem here of course is that this ‘cloudsourced’ environment will impose a number of new thought-provoking reactionary dilemmas, one of which is that of first responder forensic capabilities. It is here where the mind of the would-be incumbent investigator needs to grasp the implications, and challenges of this new distant world. Say engaging with investigation, as far as is practicable, to map the end-to-end events, crossing over between the on-site and off-site systems and infrastructures, not to mention identifying where any artifacts of evidential interest may reside. And of course, thinking on a little further out-of-‘that’-box, how any artifacts may (or may not) be acquired. A good start here is to pre-empt the worst case scenario, and anticipate the day the shadow of insecurity darkens the door of the enterprise. To support the opportunities of response, it is wise to have some contractual interfaces and agreement in place with the provider of cloud services to interface via cross environmental obligations, thus assisting any prospect of ‘event’. It can also be a wise move to consider establishing some rights of ownership over the logical log records written to systems serving your business needs which are resident in the cloud. So, a little investment of time in the early engagement period may just pay dividends in the longer term. It may also be here that the advances made by CAMM under the Common Assurance banner, and their lead into Third Party Assurance Centres (TPAC) will provision beneficial underpin to steer robust business engagements.
100% Protection: I understand from some of my closest confidants that at a recent European security event, there was an opinion shared by some providers of anti-viral protection that ‘complete’ protection is a reality, and is achievable. OK, well, now I know this, I realise that I have been worrying about nothing, as my security is guaranteed! But alas, I have now been drawn into the state of illusion created by the marketers, and notwithstanding how much I want to believe this, sadly, I realise that such a guaranteed positioning statement may just be a tad off reality. Don’t get me wrong, I use the stuff, keep it updated, but I do not regard it as the silver bullet it was once pronounced to be. Fact of the matter is anti-viral/malware protection does not always deliver complete protection. So to be realistic, such preventative applications form ‘part’ of the overall picture of defence, alongside patch and fix, hardened configurations, and the most important element of all, SECURITY EDUCATION & AWARENESS.
Be it at home, or at work, we are living in an age where the computer has presented society with a number of fantastic opportunities. But it is also shadowed with the cloaked spectre of probable insecurity – so we need to keep a keen eye on the ball to assure we, our employers, and our families are kept safe from compromise, and/or incursion.