As the times change, the security community needs to adapt.
We live in an imperfect world, as Alex Stamos [2], Chief Information Security Officer of Facebook, pointed out in his recent BlackHat 2017 keynote address. Instead of trying to punish each other, hackers and innovators need to work closely to ensure a higher order.
Other security thought leaders have echoed similar sentiments.
Refreshingly, security thought leaders are driving cultural change from the top. Besides technological innovation, we are beginning to see changes in sales, diversity and culture. We are growing up, albeit slowly.
Product Innovation, Garbage and Lies
Ping Li [5], Partner at Accel Ventures, reminded me that we are still in the early innings of a long game. The security sector is evolving rapidly and we are still developing a common nomenclature, a lingua franca for our business. Visibility into systems, managing patches, vulnerabilities and security workflows are still being accomplished with rudimentary tools, Li said.
Newcomers like Corelight [6] (backed by Accel), Awake Networks [7] (backed by Greylock Ventures) and EastWind Networks [8] (backed by Signal Peak Ventures) are innovating on visibility of traffic and threats. In data security, ThinAir [9] and Onapsis [10] (securing ERP systems) have carved out an interesting niche in the market, while Pwnie Express [11] is positioning itself to win the IoT / ICS security market.
Empow Networks [12], a Gartner Cool Vendor of 2017, wants to create a novel abstraction layer to manage all security tools effectively, and Demisto [13] (in which I am an investor) is bringing much needed automation to incident response. Nyotron [14] just raised $21 million to redefine endpoint security. As drones grow from a mild nuisance to a significant headache, several security startups like Airspace [15] and Dedrone [16] have jumped in to protect the three-dimensional perimeter.
Calling BS on the marketing hype, several presenters at BlackHat offered an unvarnished view of the state of technology.
In her talk, Garbage in, Garbage out [17], Hillary Sanders, a data scientist with Sophos [18], pointed out that if ML models use sub-optimal training data, the reliability of the models will be questionable, possibly leading to catastrophic failures.
She trained models on three separate data sources and found that when a model is tested on a different data set, the outcomes vary significantly (see the 3 x 3 matrix below). Put differently: if I was trained to recognize a cat in one school, and I moved to a different school, my ability to identify a cat would drop dramatically.
Caveat Emptor: do not believe the ML hype unless you have seen the results on your own data sets. Each vendor will train their models on different data sets, which may not be relevant to your environment. And then, as new malware data is discovered, the models get stale. Chances are that the model will need to be retrained, or else it could start to behave erratically. We live in an imperfect world indeed.
Feed me some garbage: ML Training and Test Data Variances (Image Courtesy: Hillary Sanders, Sophos Labs)
In another presentation, aptly titled Lies and Damn Lies [19], Lidia Giuliano and Mike Spaulding presented an analysis of various endpoint marketing claims and debunked them systematically. They spent five months digging into various endpoint offerings and concluded that threat intelligence simply does not work. While endpoint solutions are better than signature-based detection, they are no silver bullets.
When it came to drone security, Bishop Fox [20], a security consulting firm, took a Mythbusters approach [21] to researching 86 drone security products. Francis Brown, partner at Bishop Fox, presented Game of Drones, in which he concluded that the solutions are rife with marketing, but most of them are not yet available.
The study concluded that while first-generation drone defense solutions/products are being deployed, there are no best practices.
Everything from drone netting, shooting, confetti cannons, lasers and jammers was being used (including falcons). The vendors have gone wild indeed. If lasers, missiles and falcons are being deployed, what's next?
BlackHat + DefCon may be the only conference in the world where the forces of creation and destruction operate at the same venue. The builders (Suits) show off their wares at briefings and the hackers (T-shirts) show off their arsenal of how they break stuff; both mingle freely, challenge each other and do a thumbs-down / eyeroll at the other side. It's like a weird semi-drunk tribal war dance. And unless the elders of the tribe, like Stamos and Yoran, call BS on this childish behavior, we will never grow up.
Innovation in Go-To-Market Tactics
Ben Johnson, CTO of Obsidian Security [22], recently raised $9.5 million from Greylock (and since the announcement, has been inundated with Series B interest). “In security, all revenues go to hire even more salespeople,” he says. Is that a healthy practice? As co-founder of Carbon Black, Ben called upon over 600 enterprise customers, and in his current role he is actively exploring more innovative ways to get the product out.
Indeed, when fear drives sales, innovation is harder. As an industry, we need to look at a better way of selling security products. However, there is a dearth of intelligent tactics. Partnerships with System Integrators (SIs), Channel Partners, Value Added Resellers (VARs) and Managed Security Service Providers (MSSPs) are variants on the theme. Margins and accountability get slimmed down as the number of partners grows. Virgil Security [23], a data security company (for which I am an advisor), has built a developer-first platform offering tools to build encryption in seamlessly. Virgil offers its security platform as a service, and the GTM approach can become highly efficient in such scenarios.
Purple Rain, Culture and Diversity
In his BlackHat keynote, Alex Stamos touched upon the importance of diversity of thought, gender and culture . His call to action included behaving responsibly (and not childishly) within a societal framework.
A large number of people in emerging markets will be using $50 phones, not $800 iPhones; how do we protect this new wave of digital citizens? What is the role of a security professional in the context of law enforcement? Can we learn to empathize with the product builders, the users, the government?
To the security nihilists, Stamos offered a reminder that not everyone is out to get you. At a more fundamental level, Caroline Wong, VP of Security Strategy at Cobalt [24], presented the security professional's guide to hacking office politics.
Security teams need to know more about the business challenges, not just technology. “We should be able to understand the flow of money, not just data,” she pointed out.
The debates have just started in an open, honest fashion and, IMHO, culture changes slowly. For now, we have added a new color: there were Red Teams and Blue Teams, the offense and the defense, like two sides of security at perpetual war. At BlackHat 2017, the concept of Purple Teams was introduced by April Wright, who hopes the two warring factions will cooperate and work well together. And yes, she also suggested that security should never be an afterthought, to which we all say Amen!
Featured Image: Bryce Durbin/TechCrunch
1. Secure Octane (www.secureoctane.com)
2. Alex Stamos (www.facebook.com)
3. Amit Yoran (en.wikipedia.org)
4. Tenable Networks (www.tenable.com)
5. Ping Li (www.accel.com)
6. Corelight (www.corelight.com)
7. Awake Networks (awakesecurity.com)
8. EastWind Networks (www.eastwindnetworks.com)
9. ThinAir (www.thinair.com)
10. Onapsis (www.onapsis.com)
11. Pwnie Express (www.pwnieexpress.com)
12. Empow Networks (www.empownetworks.com)
13. Demisto (www.demisto.com)
14. Nyotron (nyotron.com)
15. Airspace (airspace.co)
16. Dedrone (techcrunch.com)
17. Garbage in, Garbage out (www.blackhat.com)
18. Sophos (www.sophos.com)
19. Lies and Damn Lies (www.blackhat.com)
20. Bishop Fox (www.bishopfox.com)
21. A Mythbusters approach (www.bishopfox.com)
22. Obsidian Security (www.obsidiansecurity.com)
23. Virgil Security (virgilsecurity.com)
24. Cobalt (cobalt.io)
DUBAI (Reuters) – Three Saudi men on a list of 23 people wanted by the authorities over security offences have turned themselves in, the interior ministry said on Monday.
The report, carried by state news agency SPA, came as Saudi security forces pushed ahead with an operation in the eastern part of the kingdom to try to flush out armed men, including those on the list announced in January 2012. The area is home to many of the country’s minority Shi’ite Muslims.
The interior ministry identified the three as Mohammed Isa al-Lubbad, Ramzi Mohammed Jamal and Ali Hassan al-Zayed, and said their “initiative (to surrender voluntarily) will be taken into consideration”.
Many of those on the list have been either killed or captured in recent years. The Saudi Gazette newspaper said that only three of those on the original list remained at large, while eight have surrendered.
The rest were killed during clashes with the security forces, it said.
Saudi security forces have been trying for more than two months to defeat gunmen behind attacks on police in Awamiya, a Shi’ite town of around 30,000 in the eastern region that has been the centre of protests against the Sunni government.
Fighting has intensified over the past two weeks, when elite forces entered the town. In May the authorities began a campaign to tear down the old quarter to prevent gunmen using the narrow streets to evade capture.
Residents estimate that up to 20,000 people have fled to towns and villages nearby. Up to 12 people have been killed in the past week: three policemen and nine civilians, residents say.
The area, in oil-producing Qatif province, has seen unrest and occasional armed attacks on security forces since 2011 “Arab Spring”-style protests.
Residents complain of unfair treatment by the government, something Riyadh denies.
Reporting by Sami Aboudi; Editing by Andrew Bolton
BEDMINSTER, N.J. (Reuters) – Three military helicopters hovered over Anne Choi’s backyard, engaged in what appeared to be a drill ahead of President Donald Trump’s visit three weeks ago to this tranquil town of farmland and horse barns in rural New Jersey.
“My sheep were terrified,” Choi, 44, said on Thursday inside her two-story barn a mile east of Trump National Golf Club, as half a dozen Shetland sheep grazed outside. “It’s awful. We don’t have the infrastructure here. We can’t support the weight of his presence.”
As Bedminster prepared this week for the president’s latest trip to the 600-acre (240-hectare) private club, a 17-day stay that is his first extended vacation in office, some of the town’s 8,000 residents expressed frustration at the security protocols, road closures and daily disruption that will begin with his arrival on Friday.
On Wednesday, the U.S. Secret Service said safety measures would also include a “tethered drone,” equipped with optical and infrared cameras and powered by a wire attached to a ground controller, that could impede on the privacy of nearby residences.
“It’s super creepy,” said Julie Henderson, an artist who lives down the road from Trump National, as two military helicopters roared overhead before circling and heading back towards the golf club.
The Secret Service said the drone would focus primarily on the outer perimeter and would not “physically intrude upon or disturb the use of private property outside the Trump National Golf Course.”
Trump’s movements can also lead to the closure of local roads and highways. Julie Henderson’s husband, Paul Henderson, said he has twice been stuck on an Interstate on his way to work while Trump’s motorcade used the highway.
Not everyone in this town about 40 miles (60 km) west of New York City agrees Trump’s visit will be a nuisance. Steve Desiderio, who owns a restaurant and catering business in Bedminster’s modest downtown, said the influx of federal agents and journalists would be a welcome boost to his business.
Desiderio, a 48-year-old Trump supporter, added that complaints about the disruption were overblown and media-driven.
“It’s just fake news,” he said, echoing one of the president’s favourite phrases. “They try to spin it like it’s gridlock. So there are five more cars at the stoplight?”
FILE PHOTO - U.S. President Donald Trump departs in his motorcade after a weekend at his golf estate in Bedminster, New Jersey, U.S., May 7, 2017. Jonathan Ernst/File Photo
Bedminster’s Republican mayor, Steven Parker, also brushed off the criticism.
“It’s really been a big non-event,” he said.
Some residents said Trump has been a generous neighbour in past years, allowing local events to be hosted at his club. As in previous years, the township committee held its annual reorganization meeting in 2017 at Trump National, where Parker was selected to continue as mayor.
While Trump’s visit may help the town’s eateries, it will shut down the local airport, where 110 private planes and 60 flight school students will be grounded from Aug. 4 to Aug.
“Our summertime is our busiest time,” said Somerset Airport President Chris Walker, as a Coast Guard helicopter landed on the runway in preparation for the weekend. “We’re just rolling with the punches.”
About half of the planes were being moved to other airports outside the 10-mile (16-km) no-fly zone, Stewart said. Some workers will be sent home until Trump returns to Washington.
Trump has also drawn local protesters, both for and against him. Anti-Trump activists have been staging a weekly “People’s Motorcade,” driving slowly down the road past Trump National and honking their horns.
The town’s administrator, Judith Sullivan, said they were more of a distraction for her 16-member police department than the president, though they have largely been well behaved.
She hopes to recoup the $30,000 in overtime for officers working during Trump’s visit from the U.S.
Choi, who moved to Bedminster from Maryland two years ago, said she likely would not have chosen her house had she known the “summer White House” would be only a mile away.
“Even if you agree with his politics, I think we can all agree that this is not what we bargained for,” she said.
Reporting by Joseph Ax; Editing by Jonathan Oatis