Fred Stluka via plug on 16 Dec 2020 11:19:42 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] OT: SolarWinds


Fred Stluka
Bristle Software, Inc. 		#DontBeATrump


On 12/16/20 12:34 PM, Keith via plug wrote:

I would tend to agree that smaller companies shouldn't be cut any slack either and I really agree with the idea that MS, Zoom, etc are given way too much slack.  For instance, I personally find it 100% unacceptable that any security company would base any sort of security infrastructure on Windows and yet, that is exactly the case why we have such an abysmal security situation generally.  This is a different situation of course but for me, I'm more interested in resilience than prevention.  The very first thing I tell people in any security conversation is that "something bad WILL happen, my job is to make sure you can still operate when it does.".  Smaller organization **should** always from to be more agile and able to adapt quicker but too many chase the large guys.   Resilience and operation durability is built through constant testing and red teaming.  The reality is that that is easier to do when you are smaller but it **has** to be done by all.  If you haven't broken your technology to understand your risks (and therefore how to mitigate them), you're doing it wrong and the bad people are going to teach you how.

Funny how their lessons are initially free.

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --