It is time for another “Overrated/Underrated” and I’m lucky enough to have Vladimir Jirasek share his views on some of Cyber Security’s key technologies and concepts. You probably know Vladimir from his roles at the UK Cloud Security Alliance Chapter, but if not – trust me when I say that he is a true security enthusiast and man of many talents.
If you’re wondering what this “Overrated/Underrated” thing is about, let me briefly recap. I’m a big fan of NPR Planet Money. One of my favourite segments is ‘Overrated/Underrated’ where they ask economic experts to share their opinion on whether an item is overrated or underrated by the society/profession, relative to how s/he believes it should be rated. I always find it great to hear the views of the questioned experts; sometimes they are controversial, sometimes in line with my own views, sometimes flippant or funny, but always thought inspiring. So, why not ask cyber security experts about cyber things? Here is what Vladimir had to say:
Intrusion Prevention Systems
I’ll split my answer to this question into the two modes of application, as IPS can be implemented at the network level as well as the host level. The former, network IPS, is certainly overrated in my opinion. The technology is increasingly blinded by network and application level encryption as well as advances in TLS protocols. In addition, most organisations implementing IPS actually leave it in detection mode only in order to limit the risk of network IPS blocking legitimate traffic. The technology does have its place, including in cloud environments, but its importance should be lower in the security technology stack, hence the overrated status.
Host-based IPS, on the other hand, is a technology that is firmly embedded into operating system defences; perhaps it is not called Host IPS anymore nowadays. Looking at known bad behaviour (signature based), as well as heuristic analysis of operating system, user and application activity, means it is a really useful tool in the overall cyber security architecture. I firmly believe it will be embedded into operating systems and as such it is still an underrated technology.
It is hard to escape the hype around blockchain. I have been involved in a few blockchain projects, one of them Lethean VPN where blockchain is used to handle payments for VPN services in a truly anonymous way. Is blockchain under- or overrated? Hard to settle on either option as many use cases are flawed (looking at how to solve an already solved problem with blockchain) or very much pioneering (using blockchain to support processes and relationships where centralised authority would not work). For example, I believe peer-to-peer payments and supply chain compliance use cases are currently underrated and should receive bigger attention.
This one is easy – “overrated”. An industry still clinging to an archaic system of 16+ payment card numbers when in fact there are much better, and cryptographically stronger, payment methods is just insane. Also, PCI DSS, while conceived with great intention at the time, feels archaic, prescriptive, and simply unnecessary. My vote is to scrap PCI DSS and use better international frameworks and standards to protect payment card data (while this archaic system exists), such as NIST CSF.
Do you think Vladimir’s view is spot on or way off? Share your comments or write your own post. The important bit is that we, as a profession, keep an open mind and continue with constructive discourse. You can read more about Vladimir under https://www.vladimir.jirasek.eu/.
This blog post originally appeared on LinkedIn