Do security experts have to have a GED?

Joined
Dec 8, 2009
Messages
453
Reaction score
10
Points
18
Location
The same as Sheldon Cooper - East Texas
Your Mac's Specs
iMac 2014 i5 5k 32gb 1tb fusion, second TB display, 2014 MBA
Does anybody wonder (besides me) about the reason for critical systems (power, manufacturing, utilities, etc) being on the Internet in the first place? Especially now, after all that is happening, and all that has happened. And I might add, with all that is going to happen.

I have heard the summations of reasons - that it is much more efficient to control a nuclear plant from an office in New York, rather than have to pay for expensive operators to stand by at each location. (Translation - it is much better for our bottom line, and the stockholders approve of any increase there. If it melts down - well, that’s a problem for the next quarter.) Or, our steel furnaces can’t be run profitably unless the minute by minute info is in the hands of our commodity traders. And so on.

Note that I am not talking about changing to a secure OS from some version of Windows. There are none at this point that I would trust with my company (if I had one), although Redmond products would be at the very bottom of the list. And everyone else’s I would assume. Although, after reading about the use of that virus magnet in shutting down the French air force and the Royal navy a few years ago, I was sure that the story was an Internet hoax. It wasn’t.

If I consider my years of professional and hobby programing files to be of enough value to me that I only access them on an internal network with no access to the world, it would seem that an electrical grid covering five states should have at least the equivalent value.

Shouldn’t it?
 

pigoo3

Well-known member
Staff member
Admin
Joined
May 20, 2008
Messages
43,396
Reaction score
1,000
Points
113
Location
U.S.
Your Mac's Specs
2011 17" MBP 2.2ghz, 16gig ram, OS 10.11.6
Sorry…but I don't see the connection between the thread title and the thread post?:Confused:

"Do security experts have to have a GED?"

GED = Graduate Equivalency Diploma

- Nick
 
Joined
Jul 11, 2014
Messages
296
Reaction score
5
Points
18
Your Mac's Specs
A1286 MBP5,3 running 10.9.5, iphone6, Mac mini1,1 A1176 120/2gb
I am thinking that he is talking about how many brain cells does it take to put infrastructure on the internet where it can be hacked... I see his point, but $$ win.
 

pigoo3

Well-known member
Staff member
Admin
Joined
May 20, 2008
Messages
43,396
Reaction score
1,000
Points
113
Location
U.S.
Your Mac's Specs
2011 17" MBP 2.2ghz, 16gig ram, OS 10.11.6
I am thinking that he is talking about how many brain cells does it take to put infrastructure on the internet where it can be hacked... I see his point, but $$ win.

There's no reference in the post referring to a person's education level.

Unless "GED" (in the thread title) stands for something different than I indicated in my first post.:)

- Nick
 
OP
cptkrf
Joined
Dec 8, 2009
Messages
453
Reaction score
10
Points
18
Location
The same as Sheldon Cooper - East Texas
Your Mac's Specs
iMac 2014 i5 5k 32gb 1tb fusion, second TB display, 2014 MBA
Sorry…but I don't see the connection between the thread title and the thread post?:Confused:

"Do security experts have to have a GED?"

GED = Graduate Equivalency Diploma

- Nick

Alternate Titles

<Sarcasm>

Do security Gurus have to have graduated from high school to get a job protecting a multimillion dollar installation and leaving the root signon as 'Admin' and the password as 'Password'?

or...
Or that think that the scheme A=1, B=2, C=3, etc, is really good encryption?

or...
Do highly paid CIO's realize that their internet connected reactor can be seen by quite a few people? Some of whom might even be over a hundred miles away and might not like us.

</Sarcasm>
 
Joined
Jul 11, 2014
Messages
296
Reaction score
5
Points
18
Your Mac's Specs
A1286 MBP5,3 running 10.9.5, iphone6, Mac mini1,1 A1176 120/2gb
ROTFLMAO!

Priceless!
 
C

chas_m

Guest
Any good security expert has already advised their clients of which systems should be taken "offline" (or intranet only) from the Internet. Most systems are, actually (probably the reason you still have your electric on today, in fact!).

Sometimes, however, stupid people who IGNORE the security experts (like, say, a discount retailer that ignored reports about malware in their POS systems -- or a movie studio that was warned that their network was vulnerable) leave things open to attack ...
 
M

MacInWin

Guest
Having been a consultant to CFO's, CIO's and CEO's, as well as senior local, state and Federal IT management, I can tell you that even when presented with the facts of the situation, most of them put their heads in the sand and take the "bear" approach (I don't need to outrun the bear, I just need to outrun YOU and let YOU deal with the bear). But the problem is, obviously, that in a truly targeted attack, that philosophy fails miserably. But when you look at breeches at Target, Home Depot, etc, that's more of a drive-by break in. Basically, the hackers just looked for a source of credit cards and found the weak players in that space. Sony, on the other hand, was targeted by high energy and high tech hackers. I don't know what they had in place, if anything, but about the only way they could have been protected from that attack was to be invisible to the internet except through a "burn down" DMZ. Those aren't cheap, or easy to build and maintain, but maybe Sony taught a lesson. It's no longer acceptable to just be able to outrun you, I have to outrun the bear.
 
C

chas_m

Guest
tp://www.electronista.com/articles/14/12/14/christmas.dump.incoming.with.more.interesting.sony.pictures.data/ (outdated link removed)
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top