Slashdot Mirror

← Back to Stories (view on slashdot.org)

EndGame CEO: Root Out Hackers Before They Strike (qz.com)

Posted by EditorDavid on from the phreaking-out dept.

The CEO of Endgame, Inc. is calling for an "offensive mindset" to defend enterprises from hackers. An anonymous reader quotes Nate Fick's article on Quartz: Rather than relying on imperfect prevention techniques, or waiting for a breach to happen and then reacting to it, defenders need to 'turn the map around' and hunt proactively for the attackers in order to root out adversaries before they have a chance to do real damage. This is the next frontier of cybersecurity... the vast majority of cybersecurity spending is still going to prevention and perimeter security. Prevention is necessary, but it's not sufficient and it certainly doesn't justify 90 cents of every security dollar...

The government has already figured this out. Across the Department of Defense, the intelligence community, and other forward-leaning agencies, this proactive hunting is already happening, and it's becoming more widespread. Enterprises need to embrace the same mindset.
Fick points out that despite $75 billion on enterprise-level security spending, more than three-quarters of Fortune 500 companies have been breached within the last year.

7 of 148 comments (clear)

  1. All well and good for nation states by Anonymous Coward · · Score: 5, Insightful

    All well and good for nation states, but typically pro-active "defense" is known as 'attacking', which is almost always against the law when not done by a nation state...

  2. I've got one for you: wise up, do your homework. by Anonymous Coward · · Score: 5, Insightful

    Just stop babbling nonsense. It seems that "we gotta get 'em basterds" makes for a better headline, but... every breach I've seen in the last years is due to *catastrophic negligence*. Including the (admittedly, for the time) very high tech Stuxnet thingie in Natanz. I mean: a SCADA for a friggin' enrichment facility hanging off fucking Windows computers with open USB ports? And operators willing to stuff a $RANDOM_USB_STICK into that? Seriously?

    How many levels of fail was this?

    Now go through all the last breaches, and think again: how many levels of fail?

    > Fick points out that despite $75 billion on enterprise-level security spending, more than three-quarters of Fortune 500 companies have been breached within the last year.

    So stop buying snake oil and take your security seriously. It starts by educating your people, thinking hard about (gasp!) social factors, investing in people (double gasp!).

    Next step is implementing technical measures. Make sure that someone in-house understands thoroughly what's going on. Resist the urge to buy the next shiny thing because the salespeople of this company look smartest: remember that the investment in those smart salespeople isn't going into hard core development -- and that's what you want.

    Fick's an idiot. This kind of sabre-rattling is just a way to divert from realizing how sad the state of our industry is, where well-known "products" often enlarge your attack surface instead of reducing it.

    Fick reminds me of some dictator in some semi-failed state making up an Enemy of the Nation to make people forget that their actual problem is internal corruption and missing crops.

  3. I can't even imagine what he's talking about. by h33t+l4x0r · · Score: 1, Insightful

    How do you 'root out' a non-domestic hacker? Drone strikes?

  4. Re:Good luck with that by davester666 · · Score: 5, Insightful

    Yeah, requires three things: time, effort and money

    1. Time and effort: Any IT working "looking for hackers attacking the network" is automatically assumed to be doing unproductive work by their immediate supervisor. Or by their supervisor. It is also pretty likely that none of his bosses will not understand anything he has done to stop a hacker, and they are also unlikely to believe him. Released to look for other opportunities.
    2. Money: any money spent on this "looking for a problem proactively" is money not available for the executive bonus pool. Since the result of anyone working on doing this at best can only claim to have stopped someone, and only MAY have prevented a loss of some kind, clearly the first executive that realizes this deserves a bonus at least equal to the budget of the department he just cut, because that is real, verifiable savings going hundreds of years into the future. He basically has just saved the company from bankruptcy.

    --
    Sleep your way to a whiter smile...date a dentist!
  5. Buzzword bonanza by Anonymous Coward · · Score: 4, Insightful

    Read the article, and I honestly don't see his end goal.
    Got the impression all he wants is penetration testing and security through obscurity, or monitor incoming traffic for "malicious intent".
    I could be mistaken as the whole article was a bit of a buzzword bonanza.

  6. Threat Hunting by tero · · Score: 5, Insightful

    Threat Hunting isn't exactly a new concept, it's been around for ages.

    But it seems someone, somewhere decided it is going to be the new "hype-base" for magical next generation boxes.. because the previous hype (Threat Intelligence) is dying.

    So yeah, cue 2-3 years of "you must hunt proactively with our products"-hype

  7. Not just hackers... by Anonymous Coward · · Score: 4, Insightful

    We should also root out murderers before they strike, by "determining" who will commit murder and punishing them while they are still innocent. Or maybe not.
    Maybe this CEO is phenomenally dumb?