As most people in my personal and professional networks know, I am leaving Providence Health & Services for a new job. But, unless I’ve talked directly with you about it, it’s likely that you don’t know WHERE that new job is. Today all the waiting is over. Before this, all of the executive leadership of Providence had to be informed and all the employees of my new company needed to know what was happening.
Effective September 30, 2013 I will be the Vice President, Advanced Security & Strategy for CORE Security in Boston. In that role, I will be responsible for providing tactical and strategic leadership for product capabilities, market positioning, strategy and product placement. CORE provides two great products in the security market. Impact Pro, the market leading penetration testing tool, and CORE Insight, an innovative and market leading tool for advanced vulnerability management and predictive security analysis.
Most people in the information security field who know me also know that I am firmly convinced that the bad guys are currently winning the war we are engaged in. I have been doing what I can to improve that situation. This move is, in many ways, because I want to do even more to change the situation. One key area where we can do that is by providing security professionals with tools that allow them to reduce the attack surface they have to worry about. Right now, organizations have to defend everything. CORE Security can help with how to defend what is critical in ways that are meaningful. Frederick the Great said, “he who defends everything defends nothing” … and that applies now in information security as much as it did in the 1700’s during Frederick’s military campaigns.
That’s my spiel on why I joined CORE … and if you are interested, here’s an interview with me by CSO Magazine on the move and here’s a press release from CORE on the topic.
*update* 10/2/2013 – Welcome Instapundit readers! This isn’t really a political blog, it’s about my life and times and experiences in and around information security. But look around, enjoy, comment.
The bad guys are winning in part because of the corruption of computer security researchers by Big Brother. The code that intentionally weakened security to the point where no one trusts it didn’t just get in there by itself. Someone who was paid off had to put it in there. A lot of people making bad choices. That’s just one component. Add in the ISP’s and chip designers who caved under threat of jail to install spying machines and nothing is safe. It’s time to clean sheet things.
Best wishes in your new position, Eric.
Dude! Congrats on the Instalanche!
Chris, I agree with you that there are issues from the perspective of government impact on things like encryption products. That said, the bad guys are not having to get to that level of sophistication right now. They use social engineering to gain access to an inside system, then play hopscotch from there exploiting known, unpatched vulnerabilities. Generally the attack path and kill chain is not all that long …. 5-7 systems … before they have reached the crown jewels of their target.
I need an internet security gadget, and I don’t have the time to build it for myself. Dunno if this is quite the business you’re in, but maybe someone else will read this and start building it.
Basically it’s an audit trail. Little box with two ethernet ports. Sits between my WiFi router and my cable modem. Keeps a log of every IP address / port that my router has tried to contact (and if possible, which device on my network made that request). Logs it to a USB thumb drive. Pull the thumb drive every so often and run the log through a tool like WireShark. Filter out Google, Yahoo, YouTube, etc. Put up a list of the rest, with DNS resolutions, so I can scroll through looking for malware trying to contact its boss.
Obviously the gadget should be unhackable, with a physical write-protect switch or jumper for all internal nonvolatile memory. The internal software should be open-source, if possible. And the log should be in a human-readable form, so that attempts to hack the WireShark tool (to ignore certain malware requests) can be detected by anyone with enough patience (or a different tool) to read the raw log.
I need this. I don’t know any other way to be sure my home network hasn’t been hacked. I’d pay $100 for this box, and Netgear could build it for $20. And if I need this, I suspect professional IT people might need something like this as well. Market opportunity, someone?
Pingback: Day 3 at CORE | Security, Cigars and FUD