The growth of so-called “black box” technologies has led to a worrying lack of awareness among many security professionals about the fundamental computing principles that underpin key disciplines.
So argued Sophos global head of research, James Lyne, during his keynote presentation at Infosecurity Europe 2015 in London today.
Lyne, who is also a director of technology strategy at teaching institute SANS and a contributor to the Cyber Security Challenge UK initiative, claimed that these tools have made us all more “tech savvy” than ever before.
Yet paradoxically, this has “disconnected” and “abstracted” security professionals from the lower level workings and principles of computing.
“This is a missed opportunity for forensics and a missed opportunity to be better pen testers,” he argued.
“It’s important that the industry has skilled individuals … so we can take on the cybercriminals, who are eternally fantastic at learning and sharing information with each other.”
Penetration testers and the like can still do their jobs effectively enough without a deep understanding of these “lower level workings,” but they could be even better by learning at a code level about how things like exploits work, Lyne argued.
“A large part of the security industry came into being because Microsoft sucked,” he claimed, adding that “poor architectural design” from Redmond had enabled cyber-criminals to find opportunities to exploit weaknesses in key systems.
Although Microsoft has now added in a host of mitigations to lock down these security holes, there are still ways that hackers can “trick a computer into abandoning the normal parameters of execution to do [their] bidding in some way.”
Lyne’s message to the assembled in the keynote theater was to overcome their fears and read up on some key exploit basics. In so doing, IT departments will hopefully get better at understanding, repelling and responding to threats.