This year's Black Hat online security conference, held in Las Vegas, saw the return of a number of the speakers who showed up at the very first one. And while the best security practices might have changed some since that first conference was held in 1997, one thing has not changed: your best security investment lies with hiring the right people.
The point came up at a session that featured five of the professionals who spoke at the original Black Hat conference. While the main topic of the discussion was security over the next 15 years, it's natural that the speakers should consider where businesses might best spend their money. On this, all five were unanimous: invest in people, not gadgets.
Black Hat founder Jeff Moss insisted that “The best return is on your employees...I rely on people, not on a widget. I can get all the widgets I need for free from the great open source community.”
One vital issue they raised was that it's not just a matter of hiring good security staff. Businesses also need to hire good people managers. Such managers understand how to get the best out of those they manage and how to put the right person in the right role. Marcus Ranum, another Black Hat speaker who also spoke at the very first BH conference, agreed with this point. Companies can use forensics and malware specialists, of course, but they also need generalists capable of seeing the bigger picture.
To illustrate this point, Ranum pointed out that most businesses these days don't run their own payroll system. Instead, they hire a payroll service to do it for them. In the old days, when companies did run their own payroll system, they needed specialists to handle that system. Now, however, what they need is a generalist who can understand how any service (including payroll) will interact with software on the business's premises.
For more on this topic, you can check out the story here.
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More Web Hosting Security Articles
More By Terri Wells