Dave Marcus, Director Security Research, McAfee
Defensive technologies are more pervasive and deployed than ever before. At the same time digital threats like identity theft, targeted attacks, so-called APTs, advanced malware and rootkits reach new highs daily. Attacks grow more sophisticated as each day passes and these attacks go seemingly unchallenged by today’s defensive technologies. Why is this?
Defensive InfoSec has lost its hacker mentality and edge. Defensive security has lost its ability to be agile like the attacker. That is why it fails.
To truly be a hacker is to take nothing for granted. It is to take technology or ideas in new directions if only to challenge the assumptions the original answer was based on. Yet today the hacking mentality only seems to have taken r00t on the offensive infosec side. Has defensive infosec ever really stepped back and examined or challenged its original assumptions?
Maybe it’s time for defensive hacking.