Security rituals

Recently I had to empty my home office of old magazines and books to get new carpet installed. I found security conference proceedings dating back to 1989 and decade-old IT magazine security articles. As I paged through I realized that most of what I read could be written today.

Sure, the buzzwords have changed. But you only need to replace references, like, "Morris Worm" with "Blaster", "public key" with "elliptical cryptography" and "Chernobyl" with "Mydoom," to recycle the stories. Even articles such as "Getting management's attention" and "Improving user awareness" could be reused word-for-word.

• Find out which year has been the worst yet for malware outbreaks.
• Learn what makes malware outbreaks a Super Bowl tradition.
• Learn how current intrusion detection and prevention trends can help you deal with malware attacks.

The only thing that's changed is there are more malware stories today. I recently spoke on e-mail security and focused my presentation on how Internet-based attacks have remained consistent over time.

Clearly, attacks have evolved to take advantage of new technologies. For example, computer viruses were originally spread through floppy disks; then, they spread via Web sites and newsgroups. And, with the growth of file attachments, viruses spread through e-mail. Today's viruses find instant messaging file transmissions a rampant spawning ground.

The computer community is shocked when a (supposedly) new attack is discovered. When in fact, it's just another version of a different attack. New attacks are extremely rare; most threats are a different buffer overflow, a new adaptation of phishing, or another exploitation of poor passwords or computer settings. It shocks me that some companies were hit by Code Red, and then by Nimda only months later.

People ignore recent events, and sometimes overlook history. What's more numbing is that some security professionals don't even know the history. As a director for a local ISSA chapter, I was privy to a study that said that 70% of ISSA members have been in the security profession less than three years -- which exposes some unique issues.

While today's attacks come more frequently, and with less warning, there's no magic to computer security. Good security programs involve proactive and steady countermeasures. Security programs that acknowledge history by implementing security basics, including good configuration baselines and updated patch management and antivirus software, are most effective.

Network security professionals often relish in "the good, old days," and those with 10 years or more have valuable experience to share, which could be developed into reading lists or even articles about lessons learned. If you're new to the profession and want to improve your skill set, take a break from reading about the latest technologies and dig in to some outdated, but relevant security books and articles.

About the author
Ira Winkler, CISSP, CISM has almost 20 years of experience in the intelligence and security fields, and has consulted to many of the largest corporations in the world. He is also author of the forthcoming book, Spies Among Us.

Rate this Tip To rate tips, you must be a member of SearchSecurity.com. Register now to start rating these tips. Log in if you are already a member. BROWSE BY TAG Application and Platform Security,   Email Protection,   Email Security Guidelines, Encryption and Appliances,   Guest Commentary,   VIEW ALL TAGS Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Email Security Guidelines, Encryption and Appliances How to confirm the receipt of an email with security protocols Best Email Security Products Can an IP spoofing tool be used to spam SPF servers? WatchGuard acquires email and Web security vendor BorderWare McAfee to acquire email SaaS vendor MX Logic What does 'invoked by uid 78' mean? How to configure firewall ports for webmail system implementation Fierce competition prompted new Cisco email security options Cisco brings email security appliances closer to SaaS Cisco offers more email security choices, but lacks vision Tips Run, don't walk, toward IPS security Don't be the first on the block to own SP2 The 9/11 Nimda chaser Guest Commentary Google hacking exposes a world of security flaws Eliminating the threat of spam email attacks Outsourcing IT services: Is it worth the security risk? How permanent is your storage solution? Honeypots can strengthen reconnaissance and lower intrusion noise Freedom of speech or lack of professional responsibility? This year compliance, next year control Senior security member explains his position on Abagnale Computer Security Institute's leader responds to Abagnale flap Spokesman or poster child? RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary asymmetric cryptography  (SearchSecurity.com) challenge-response system  (SearchSecurity.com) cryptographic checksum  (SearchSecurity.com) data encryption/decryption IC  (SearchSecurity.com) elliptical curve cryptography  (SearchSecurity.com) Escrowed Encryption Standard  (SearchSecurity.com) MPPE  (SearchSecurity.com) Quiz: Cryptography  (SearchSecurity.com) session key  (SearchSecurity.com) Twofish  (SearchSecurity.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.