July 28, 2004

Blackhat Briefings: Forget the borders, guard the goodies

Author: Joe Barr

LAS VEGAS, NEVADA -- The Blackhat Briefings got underway this morning at Caesar's Palace in Las Vegas, Nev. Conference organizer Jeff Moss kicked off the session and took the time to describe what he had in mind for the benefit of first-time attendees. A crowd of nearly 2,000 was still getting settled in their seats as Moss began by explaining that he did not want an academic conference, with presenters delivering presentations and attendees sitting quietly and taking notes. He encouraged everyone to make the sessions interactive, asking questions, challenging speakers, and sharing knowledge with others. He also pointed out that folks here will not get pigeon-holed by vendors and forced to listen to sales spiels. The vendors have been encouraged to staff their booths with engineers instead of marketing drones.

Paul Simmonds, Global Information Security Director, ICI, gave the keynote speech entitled "This Decade's Security Challenge." Simmonds' message might be startling to some. Boiled down to its essence, Simmonds says to forget perimeter defenses. We've lost that war. It's over. It doesn't work. The answer is to bring the defenses into close proximity with the data being protected. Guard the goodies, not the border. Unfortunately, that's not as easy as it sounds.

Firewalls? Forget them. What corporations are doing today, Simmonds says, is installing Windows desktops with all ports open, plopping them behind a firewall, and feeling secure. They're not. IDS at the edge? To borrow his own analogy, they make just as much sense as scanning passengers getting off a train at the station, hoping to spot someone who might be coming to rob your home.

Simmonds admits we are years away from being able to "de-perimeterize" defenses, but insists that a good design for data security must work whether there are firewalls in place or not. In the meantime, start moving all your Internet connections to secure protocols, start looking for portable, interoperable file security that provides the same user-specific permissions as the data moves from one machine to the next, and don't leave ports open that you don't need. And do it all using open standards.

Speaking of open standards, Simmonds is also heavily involved in The Jericho Forum, made up of corporate IT security professionals who believe that an Oracle security solution, or a Microsoft solution, or a Sun solution is not good enough. The Jericho Forum is "dedicated to the development of open standards to enable secure, boundaryless information flows across organisations."

Following the keynote, the crowd spilled out of the conference room and scattered to one of five different locations for the next hour's sessions. The Blackhat Briefings not only have a record crowd this year, but a record number of presenters and sponsors. There are five concurrent sessions each hour, all day. It's busy.

More to come...
