Vampires Suck, Your Security Doesn’t Have To
I spent the majority of last week at the Rochester Security Summit. It was an interesting event and a great opportunity to catch up with clients, prospects and partners. GreyCastle Security presented a session called The Top 10 Things You’re Doing to Enable Hackers, which was intended to refocus security folks on fundamentals and risk. We had fun and learned a few things, too.
As I sat listening to the speaker presenting the session just before mine, something peculiar happened. An individual sitting directly in front of me pulled out his laptop, turned it on and hit up the free wireless. Allowing the world to should-surf his password he proceeded to fire up his e-mail and remote desktop into his corporate network. Then, without logging out or securing the laptop in any way, he put it down on the chair next to him and walked out of the room. He was gone for 10 minutes.
We work in a great industry. There are many great sources for learning new security techniques, reinforcing fundamentals or simply getting a fresh perspective on old challenges. Whether you spend time at a conference, read blogs like this, or subscribe to the countless newsletters and Twitter feeds, you can always find effective guidance, opinions and how-tos from experienced professionals who are willing to share their insight.
With these vast resources, there is help for anyone and everyone. Whether you’re sitting on your couch in your pajamas, or you’re sitting in a security conference surrounded by CISSPs, your security doesn’t have to suck.