[personal profile] juan_gandhi
Susan Mauldin.
Susan: “Big data for security, it's an important concept for us. It was really nothing more than network monitoring before security really became its own profession but even then, you had network analysts who were analyzing packets all the time and looking at firewall logs and proxy traffic and so forth. That was really sort of big data at the time. Now, though, we have so many alerts and logs and access control information that there is information coming from every device on the network, and it’s all IP addressable. 
 
Everything that is IP addressable sends us some kind of information to be inspected, so it is not unusual for a security team to have a terabyte of data to sort through in a week. With this data, we’re looking for the needle in the haystack… the anomaly that shows something is not quite right. Our big data challenge is how to sort through all of that data quickly and in a manner that satisfied the use case that we are looking for.”

“Generically, every breach has the big data problem. For example, in a malware incident that results in a breach, the malware comes in and spreads across the environment. It’s trying to map your environment to see what's there. In doing so, it touches a number of systems, all of which have logs and alerts in which the security team needs to review. Each IP addressable device has data regarding the packets, how it’s been used, who has been accessing it, etc. Depending on the severity of the breach, the security team may have to interview several people during the investigation… and then the scope expands.  
 
When that scope expands, the security team typically has to deal with a sudden increase in big data -- logs, alerts, etc. -- making budget planning critical. Right now I'm planning my budget for next year, and I hope I ask for enough disk space and computing power so that the infrastructure is prepared for future attacks. Waiting 24 hours for the next change window is a very hard problem to have, given the CEO and Board are seeking fast answers. Burst capacity is really critical for the security team who needs to find answers quickly.”

src

The kind of people that are responsible for maintaining data security for most of our country.

Snowden and Manning at least knew what they were doing.

Date: 2017-09-11 12:35 am (UTC)
From: [personal profile] 1master
"chief security musician", that's priceless

Date: 2017-09-11 12:57 am (UTC)
From: [personal profile] marooned_in_paradise
https://www.boardroominsiders.com/executive-profiles/1006308/Equifax,-Inc./Susan-Mauldin

Mauldin graduated with a BA in music composition and a Master of Fine Arts degree in music composition both from University of Georgia.

Date: 2017-09-11 03:12 am (UTC)
From: [personal profile] 1master
I know; in fact, without knowing that it wouldn't be nearly as funny

Date: 2017-09-11 03:03 am (UTC)
From: [personal profile] scholar_vit
Word salad.

Date: 2017-09-11 04:27 am (UTC)
From: [personal profile] qvb
By all appearances the lady is skilled at talking "about nothing". She should have gone into community organizing; those skills are highly valued there. And the risk of botching the job is far lower there.

But the interesting question is something else: who hired her for such a position with such credentials?

In principle, Equifax could be sued for that alone, as gross negligence.

Date: 2017-09-11 06:42 pm (UTC)
From: [personal profile] cema
Fool or no fool, she's got that very thing.

Date: 2017-09-18 06:56 am (UTC)
From: [personal profile] sassa_nf
I am not sure what you would expect a security officer to tell in the interview.

Date: 2017-09-15 06:24 am (UTC)
From: [personal profile] stas
In big management, actually, they value it no less. How did it go: shut your mouth and your workplace is tidied up. To this day nobody really knows what distinguishes a good executive from a bullshit artist, but the diploma certainly has nothing to do with it. As for how to choose, they choose the way they do, by scientific trial and error.

Date: 2017-09-15 02:28 pm (UTC)
From: [personal profile] qvb
>>>In big management, actually, they value it no less. How did it go: shut your mouth and your workplace is tidied up.

Well, for a position like chief security you shouldn't hire that way; the consequences can be very bad.
It is a technical position after all; you need domain knowledge.

Date: 2017-09-11 08:46 am (UTC)
From: [personal profile] timelets
In a way, it's quite logical:

Data Size -> IT Security Budget Size, i.e.

Small Data -> Small Budget
Big Data -> Big Budget

Date: 2017-09-11 11:15 am (UTC)
From: [personal profile] irene221b
If they really did get burned by an old version of struts, it may well have gone like this:
CSO: we believe critical updates must be installed within 24 hours.
CIO: we need 6 months to roll any update out to production without smashing this whole shack to smithereens.

CIO wins every time.

A good CSO in a large organization is not the one who personally found a new RCE this morning, but the one who won the war with the CIO.

Snowden and Manning are beside the point entirely. Stealing a batch of files from a server does not take great organizational skills.
Edited Date: 2017-09-11 11:16 am (UTC)

Except that

Date: 2017-09-11 11:48 am (UTC)
From: [personal profile] dimview
They say it was not an old version of struts but a 0day. This bug was fixed only after Equifax was hacked.

If so, the only complaints against the woman could be about the handling of the aftermath.

Date: 2017-09-11 06:40 pm (UTC)
From: [personal profile] yussouf
and which one?

give details (or at least point a finger); otherwise your statement came out in the style of a socialite, and a female one at that: "we all understand, don't we!"

well

Date: 2017-09-18 05:00 am (UTC)
From: [personal profile] debedb
the degree part is not that simple

but that CISO person was clearly out of place, as the word salad in that interview shows

Date: 2017-09-15 06:21 am (UTC)
From: [personal profile] stas
"Oh shit, he asked about big data and security and I have no slightest idea what big data even is. Let's hope he doesn't either. Bullshit cannons, fire at will!".

Date: 2017-09-18 07:01 am (UTC)
From: [personal profile] sassa_nf
Honesty is not necessarily what is needed from a security officer in a public interview.
