Security rituals

Recently I had to empty my home office of old magazines and books to get new carpet installed. I found security conference proceedings dating back to 1989 and decade-old IT magazine security articles. As I paged through I realized that most of what I read could be written today.

Sure, the buzzwords have changed. But you only need to replace references, like, "Morris Worm" with "Blaster", "public key" with "elliptical cryptography" and "Chernobyl" with "Mydoom," to recycle the stories. Even articles such as "Getting management's attention" and "Improving user awareness" could be reused word-for-word.

• Find out which year has been the worst yet for malware outbreaks.
• Learn what makes malware outbreaks a Super Bowl tradition.
• Learn how current intrusion detection and prevention trends can help you deal with malware attacks.

The only thing that's changed is there are more malware stories today. I recently spoke on e-mail security and focused my presentation on how Internet-based attacks have remained consistent over time.

Clearly, attacks have evolved to take advantage of new technologies. For example, computer viruses were originally spread through floppy disks; then, they spread via Web sites and newsgroups. And, with the growth of file attachments, viruses spread through e-mail. Today's viruses find instant messaging file transmissions a rampant spawning ground.

The computer community is shocked when a (supposedly) new attack is discovered. When in fact, it's just another version of a different attack. New attacks are extremely rare; most threats are a different buffer overflow, a new adaptation of phishing, or another exploitation of poor passwords or computer settings. It shocks me that some companies were hit by Code Red, and then by Nimda only months later.

People ignore recent events, and sometimes overlook history. What's more numbing is that some security professionals don't even know the history. As a director for a local ISSA chapter, I was privy to a study that said that 70% of ISSA members have been in the security profession less than three years -- which exposes some unique issues.

While today's attacks come more frequently, and with less warning, there's no magic to computer security. Good security programs involve proactive and steady countermeasures. Security programs that acknowledge history by implementing security basics, including good configuration baselines and updated patch management and antivirus software, are most effective.

Network security professionals often relish in "the good, old days," and those with 10 years or more have valuable experience to share, which could be developed into reading lists or even articles about lessons learned. If you're new to the profession and want to improve your skill set, take a break from reading about the latest technologies and dig in to some outdated, but relevant security books and articles.

About the author
Ira Winkler, CISSP, CISM has almost 20 years of experience in the intelligence and security fields, and has consulted to many of the largest corporations in the world. He is also author of the forthcoming book, Spies Among Us.

Rate this Tip To rate tips, you must be a member of SearchSecurity.com. Register now to start rating these tips. Log in if you are already a member. Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Tips Run, don't walk, toward IPS security Don't be the first on the block to own SP2 The 9/11 Nimda chaser Email Encryption (SMIME & PGP) Tumbleweed merger seen as a negative for email security customers Secure messaging complications result in limited protection Information security book excerpts and reviews ING hopes to cut phishing attacks with encryption software Companies still monitoring email manually, survey finds Should iPhone email be sent without SSL encryption? Can the symmetric encryption algorithm for S/MIME messages be changed? Security vendor Postini acquired by Google Which email encryption products can be released internationally? What are the pros and cons of using an email encryption gateway? Email Encryption (SMIME & PGP) Research Guest Commentary Google hacking exposes a world of security flaws Eliminating the threat of spam email attacks Outsourcing IT services: Is it worth the security risk? How permanent is your storage solution? Honeypots can strengthen reconnaissance and lower intrusion noise Freedom of speech or lack of professional responsibility? This year compliance, next year control Senior security member explains his position on Abagnale Computer Security Institute's leader responds to Abagnale flap Spokesman or poster child? RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary asymmetric cryptography  (SearchSecurity.com) cryptographic checksum  (SearchSecurity.com) data encryption/decryption IC  (SearchSecurity.com) deniable encryption  (SearchSecurity.com) elliptical curve cryptography  (SearchSecurity.com) Escrowed Encryption Standard  (SearchSecurity.com) MPPE  (SearchSecurity.com) Quiz: Cryptography  (SearchSecurity.com) session key  (SearchSecurity.com) Twofish  (SearchSecurity.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.