Reading about instances of cyber attacks, you can get the impression that the bad guys are gaining on the good guys when it comes to the security of corporate computer systems. Not so, says Richard Bejtlich, on his blog, TaoSecurity, The Way of Digital Security.
Bejtlich argues that 1) Solution providers “share enormous amounts of information on the security landscape, 2) Government agencies, such as the FBI, share as well. “Federal agents notified more than 3,000 U.S. companies [in 2013] that their computer systems had been hacked,” Bejtlich advises, (3) Books, articles and social media share – “The amount of readable material on security is astounding,” as contrasted with the late 1980s and 1990s when “hardly any books or articles were available. Now, thousands of resources exist…,” (4) Security conferences share, and (5) Private groups and limited information exchange groups share.
“If you disagree with this analysis, and continue to lament that bad guys share more than the good guys,” Bejtlich asks, “what evidence can you provide?” His challenge is reassuring, but we’d be sure to have good anti-tampering software installed anyway.