Comments on TaoSecurity Blog: Physical Security Lessons for Digital Security
Richard Bejtlich

Anonymous (2008-12-23 23:30 -05:00):

The problem is since so many "hackers" are beyond our law enforcement jurisdiction (overseas), bringing people to justice in some cases is impossible.

Unknown (2008-12-23 12:06 -05:00):

Two comments on your excellent post.

1) "Good MSSPs (including internal ones) use an alert as an indicator to start their own investigation..."

I think this is a key distinction in the future success of MSSPs. It seems hard to allow an MSSP such access and visibility to make proper decisions, at least as long as they are third-party entities.

2) You mention how Zales is able to remove a threat using their technology. I agree with this insight, but I am not quite so sure how that carries over to the digital world for most entities. How does one attempt to remove a threat that may digitally attack from China, Turkey, Zimbabwe, Oklahoma, or Quebec when they are maybe brute forcing FTP accounts, injecting web content, or possibly stealing data while connected into your network? Unless one is a law enforcement, government, or other well-connected entity, that just doesn't seem nearly as feasible as physically capturing a thief.

That is really my basis for not completely buying into threat reduction as a major part of my security focus. I do think it should be considered, but most entities just don't have much remediation digitally.

Anonymous (2008-12-23 08:58 -05:00):

Great post Richard... The similarities between NSM and a physical-world SOC are remarkable.