Thursday, May 5, 2011

The Next Big Thing in Information Security

Many of us in the industry are bothered by the use of security vendors selling based on Fear, Uncertainty, and Doubt (FUD). FUD gets in the way of rational thought and often has a negative impact on proper prioritization and budgeting. Specific vulnerabilities may change, but the basics have not; Threats can come from the host, application, or network.

The latest “new” scary thing to fear is the Advanced Persistent Threat. This is terrifying!!! What is this new threat? The threat is just that virus and malware authors are getting better at their jobs. Now that there is a market for cyber-crime, hostage-ware and the like, the bad guys are getting more advanced. The free market is at work and the money attracts talent. All the APT does is makes itself really hard to remove. The bad guys are just finding more ways and have better logic behind their execution. In windows for example, they are placing the their code in many location, in multiple forms, running in multiple processes that reinforce each other, and that startup in many locations and for many reasons. Their code starts early and when you kill one of their processes, another re-instantiates it. They bad guys are just getting more thorough.

Now that the security marketing guys have invented this new scary threat, there is only one solution, my solution. We need to map a very specific control to a specific threat or vulnerability. There is only one control that can meet this threat head on; the “Advanced Persistent Control” or the “Advanced Persistent Control Suite”. These are really enterprise solutions. To address the consumer space; we need a product with “Advanced Persistent Protection”. No other compensating control maps so perfectly to the threat.

I have Googled, Binged, Yahooed, Patent and Trademark searched the heck out of these things* and get no hits, so I am in the process of filing the appropriate trademark, service mark, provisional patents and copyright paperwork to protect these names and technologies. Boy do I love how the patent office allows such insanely broad patents. I own these names, but will be willing to license them to security vendors if their products and bids qualify.

That’s right, Symantec, McAfee, Kaspersky, or an up and comer, line up and start bidding. For the right price, I will sell my rights completely; otherwise I may just license limited use of the names. I must warn you, don’t think you can just take these names. They are not in common use and they are mine. Like Michael Let’s Get Ready to RumbleBuffer, I plan to carefully and jealously guard my property.

Consumers beware, if you do not have Advance Persistent Protection, you are asking to be a victim of cyber-crime.

Corporations, without an Advanced Persistent Control Suite, you are not taking due diligence to protect your customers’ data and intellectual property. I smell grounds for gross negligence. Don't be a victim, like RSA.

Bidders, you can contact me at mark.gamache@gmail.com


*Ok, there was on unrelated hit on one of the terms. One!

2 comments:

  1. Fast forward to the present, 2/28/2012, and marketers are using the term. Enrique Salem, CEO of Symantec, is ndeed using the term "Advanced Persistent Protection". Nice of him to catch up to last year's Mark Gamache.

    Are you working for Symantec now?

    Maybe Enrique should read your blog directly instead of waiting for all the little parrots to bring the next thing to him.

    First one to register wins, right? You were first. Let's hear a software developer argue about how intellectual property restrictions should be looser. That will be funny.

    For those that don't know: http://www.scmagazine.com/protecting-information-today-for-a-secure-future/article/229625/.

    ReplyDelete
  2. Mark's always got his finger on the pulse of security, so he's spot on with the need, and the due diligence to make sure it's not being used inappropriately! Beware Security Vendors!

    ReplyDelete