When network staff have a certain
level of understanding of security issues and how different compromises take place, they
can act more effectively and efficiently when the ???all hands on deck??? alarm is sounded.
In ten years, there will not be such a dividing line between security professionals and
network engineers. Network engineers will be required to carry out tasks of a security
professional, and security professionals will not make such large paychecks.
It is also important to know when an attack may be around the corner. If the security
staff are educated on attacker techniques and they see a ping sweep followed a day later
by a port scan, they will know that most likely in three days their systems will be
attacked. There are many activities that lead up to different attacks, so understanding
these items will help the company protect itself. The argument can be made that we have
automated security products that identify these types of activities so that we don??™t have
to. But it is very dangerous to just depend upon software that does not have the ability to
put the activities in the necessary context and make a decision. Computers can outperform
any human on calculations and performing repetitive tasks, but we still have the
ability to make some necessary judgment calls because we understand the grays in life
and do not just see things in 1s and 0s.
Pages:
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77