Security’s Wakeup Call

Informed commentary by Ashton Carter (the next US Secretary of Defense) and Yahoo security chief Alex Stamos was recorded in a short security briefing at the Andreessen Horowitz 2014 Tech Summit. My take away from the 30 minute podcast was this:

  • If your organization is targeted by cyber professionals they will get in (this is true of DOD, anybody)
  • You must run your operations with the assumption that the bad guys are already inside your networks

Approximate quotation “The Fortune 500 are the obvious targets. The top 30 of those have the technical capability to deal with cyber threats. The 470 other companies are screwed.” So are, for example, small midwest specialty suppliers, who are being regularly penetrated by the Chinese. It’s so much cheaper to steal their IP than to duplicate their two decades of innovation, trial and error.

On the personal level, if you aren’t using tools like 1Password and whole disk encryption then I have some easy reads for you: