Real Security Is Threat-Centric

Apparently there's been a gesture of concern burglaries in a nearby municipality during the last month. As you strength expect, topical residents responded by exchange windows with steel panels, front doors with vault entrances, floors with pressure-sensitive plates, and whatever added "security vendors" recommended. Town policymakers created newborn laws to dominion locking doors, sanctioning alarm systems, and creating scorecards for compliance. Home builders decided they necessary to adopt "secure building" practices so all these retrofitted measures were "built in" future homes.Oh wait, this is the actual world! All those vulnerability-centric measures I meet described are what likewise many "security professionals" would recommend. Instead, police identified the criminals and inactive them. From Teen burglary ring in Manassas identified:Two suspects questioned weekday gave aggregation about the others, police said. Now this gathering is facing prosecution. That's a beatific warning of what we need to do in the digital world: enable and action threat-centric security. We won't get there until we have meliorate attribution, and interestingly sufficiency attribution is the articulate I center most ofttimes from people pondering improvements in meshwork security.Copyright 2003-2009 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)