Vulnerabilities and Exploits Are Mindless
Jofny's comment on my post Unify Against Threats asked the following: So, Richard, I'm curious which security people - who are decision makers at a business level - are focusing on vulnerabilities and not threats? If there are people like that, they really need to be fired. This comment was on my mind when I read the story FBI: US Business and Government are Targets of Cyber Theft in the latest SANS NewsBites : Assistant Director in charge of the US FBI's Cyber Division Shawn Henry said that US government and businesses face a "significant threat" of cyber attacks from a number of countries around the world. Henry did not name the countries, but suggested that there are about two dozen that have developed cyber attack capabilities with the intent of using those capabilities against the US. The countries are reportedly interested in stealing data from targets in the US. Henry said businesses and government agencies should focus on shoring up their systems' se...