Comments on: Why being Proactive in Security is Essential

By: Ralph

Ralph — Tue, 04 Jan 2011 22:07:47 +0000

There’s a lot of discussion going around on how pro-activity can be implemented in a field that is mostly reactive. However, with the right tools, training, and foresight I believe that security can reach a point where it is able to anticipate (maybe not all, but most) possible threats both in the present and in the near future. This will allow companies to better adjust their systems to address more likely threats. As cliché as it may sound, a great offense does prove to be the best defense. And when it comes to security, I think this saying holds a lot of truth.

By: don turpin

don turpin — Tue, 04 Jan 2011 21:51:50 +0000

@Calvin

But given the ever changing landscape of security (especially from a technological standpoint), how aggressive is one expected to be? I think in another article posted by GFI blog, IT companies are encouraged to strike a balance between convenience and security, but with a conscious mandate on aggressive and pro-active security, does that mean that we should be doing without the convenience and comfort of our clients for the sake of security?

By: Ellen Hall

Ellen Hall — Tue, 28 Dec 2010 05:24:12 +0000

Infecting the network card firmware with malware? Definitely, frightening stuff. But since it was done in a controlled lab environment, I wonder how something like this would play out in a real world scenario. I bet it’s much harder than it sounds. Infecting the critical systems of hardware itself is no cake walk. Does this mean that hardware firmware will start requiring their own security protocols? That’s pretty ridiculous by any stretch of the imagination.

By: Calvin

Calvin — Mon, 27 Dec 2010 06:41:06 +0000

@Nelson

I have to agree with Emmanuel on this. Proactive security simply means taking a more aggressive disposition towards system security. A lot of people (and even professional IT specialists) mistake security as a passive / reactive solution to external threats. A combination of good access control, updated software, reliable end point security, as well as excellent antivirus and intrusion detection systems (as Emmanuel mentioned) are great ways of achieving this.

By: Emmanuel Carabott

Emmanuel Carabott — Wed, 15 Dec 2010 09:28:14 +0000

@ Stevie – It’s a nightmare indeed; however, security is a war so to speak – sometimes one side has the edge and other times the other side has the edge. Right now this is a new attack vector which means it’s relatively unprotected. If it actually starts being used, measures will hopefully be put in place to address this better. Right now it’s simply too early to say. There are some protections that a device manufacturer could take to ensure this doesn’t happen, such as generating a certificate for any updating software to authenticate with the card before it allows updates for example.

@ Nelson – The steps one needs to take in order to protect against this is no different than any other scenario really. What your target is, in this case, is to prevent unauthorized and unnecessary access of the protected machine. That generally means good access control, keeping the system up to date,good end point security including antivirus and perhaps a good intrusion detection system.

By: Nelson Rogers

Nelson Rogers — Sun, 12 Dec 2010 16:35:31 +0000

I definitely agree that proactivity is essential when it comes to system security. With malware and cyber-vandalism tactics becoming even more aggressive than they originally were years ago, system admins and general computer users can’t simply rely on dated security to practices and hope to come out unscathed. As insightful as this article is, maybe you guys in GFI can suggest on how proactivity can be implemented for both average and advanced computer users.

By: Stevie

Stevie — Sat, 11 Dec 2010 17:22:18 +0000

The idea of successfully infecting your network card firmware (or any system critical devices for that matter) with malware is quite simply a nightmare come true. Restoring your system to with a clean format has always been an end-all be-all when it comes to taking out malicious software, but it seems like these tech-vandals have really gone for the jugular on this one. And to think that the scenario was replicated in a controlled lab environment. What more in the real world?